Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "validation"
-
The GET /users endpoint will return a page of the first 13 users by default.
To request other pages, add |-separated querystring with the limit and offset, as roman numerals enclosed in double quotation marks. Response status is always equal to 200, plus the total count of the resource, or zero when there's an error.
You can include an array of friends of the user in the result by setting the request header "friends" to the base64-encoded value of the single white pixel png.
Other metadata is not included by default in responses, but can be requested by appending ?meta.json to any endpoint, which will return an xml response.
If you want to update the user's profile picture, you can request an OAuth token per fax machine, followed by a pigeon POST capsule containing a filename and a rolled up Polaroid picture. The status code attached to the return postal dove will be the decimal ASCII code for a happy smiley on success, and a sad smiley if any field fails form validation.
-- Every single external REST API I've ever worked with.7 -
A typical demo...
Me: We added validation, server communication, caching....
Customer: Meh...
Me: We fixed bugs, sped up queries, implemented X features.
Customer: Meh...
Me: We surpassed the speed of light, transcended to another plane of reality, cured cancer, brought peace to galaxy.
Customer: Meh...
UI Designer: I prepared these sketches for the UI
Customer: Wow, so innovative, look at that beautiful transitions, even mobile design, just wow
Me: * dies *11 -
I've always made this joke, but it happened for real.
There was a existing bug in our machine for a very long time. So long that the validation engineer now treats it as a feature and they raised a issue when the bug was fixed :/7 -
My recent failure to build a responsive website according to a template tells me I should have worked with CSS a bit more.
The thing is, I write the type of CSS that passes the CSS validation with flying colors, but doesn't work as it should. Am I a minority(I hate that word), in that?
Now I have to redo the website or I'm not passing the exam. Lovely.5 -
Today I realized that I hit a total burnout. Last 3 years were extremely stressful for me (4 jobs in 3 different countries, exhausting and toxic relationship, bad habits). Last 7 months are the worst. I became lonely isolated and miserable. I learned to rely purely on stress, determination and validation to get through my days. Was supressing my emotions for a long time just to focus on making the money. Its time to break the cycle.
Im done with this. Next week Im quitting my fulltime job. Saved enough money for starting capital of my own dev services company. Built three projects that generate stable income to cover my living costs. Now finally I can take a long break to recover from this burnout and to heal myself. That poor persons mentality that I had from my poor family has been shattered. I achieved what I wanted in terms of having the money and gathered enough experience necessary to survive anywhere.
I managed to get through all this shit on my own with barely any support. People around me were draining me more than actually helping me. But I managed to do it and now its time to focus on myself, to heal and restore love for living. Im safe now.10 -
Me: "I'm a programmer"
Others: talks about linux
Others: search algorithms!
Others: service infrastructure
Others: memory optimization
Others: encryption
Me: "I'm a front end web developer"
Others: complex services
Others: strong user form validation
Others: lazy loading
Others: SEO
Me: "fucking, I make shit look pretty alright"11 -
Don't mind me, just writing maintainable, legible, commented and documented code. What's that, an email validation? Let me just
/^(([^<>()\[\]\.,;:\s@\"]+(\.[^<>()\[\]\.,;:\s@\"]+)*)|(\".+\"))@(([^<>()[\]\.,;:\s@\"]+\.)+[^<>()[\]\.,;:\s@\"]{2,})$/i11 -
Got assigned to fix a bug in a validation function that would always return true even if the data is invalid.
I looked at the code from the function and noticed that the only line of code in the function was "return true;"
Apparently, the programmer who wrote this function a few years ago got fired and no one ever finished his work.
Now it amazes me that no one ever has looked at the problem and just assumed it would be a complicated bug.7 -
Way to many...
- Passwords stored in plain text on the year 2014
- Not supporting HTTPS because to expensive
- Hidden admin URLS
- Databases available all over the internet
- Client Side validation
- IoT5 -
Ex-boss (who boasted 20 years of programming exp.) Would not let us work on a web project saying we didn't have enough experience and said he'd do it alone... Fast forward to 3 days before presenting to client, we get to check the log in interface and immediately find that there's no actual security, no validation... Just 2 text boxes with hard coded users and no way to add more without creating them in db... And if you knew the next page's URL you can actually skip the login... Needless to say he was removed from the project that instant and we (interns at the time) had to do everything from scratch. A 3 months project done in 2 days. Never been more stressed in my life :'(11
-
Productive day!
Rewrote an intern's feature and briefly explained how/why
Gave intern a choice of projects, and explained them
Removed two unused models, one unused route
Dried up two views into a partial
Redesigned said partial
Tested validation edge cases (ex: Jan 10nd, 101bc)
Fixed an api
Simplified three models
Added scheduling and platform restriction to a feature
Le wild bug appears: a user with negative xp!?
Wrote a migration to expand players' max xp to 2^64-1 because a certain legacy game gives it away like my ex-boss makes promises. Chewed at devs, but they're all long gone so :/
Won two games of pool
Browsed devRant
Busy day, and all of this while falling asleep! 😊
I'm quite proud of myself today.16 -
It's funny, whenever the subject of facebook vs privacy comes up (mostly I don't even initiate those convo's), people always start to defend facebook when I say that I THINK that facebook is build to get people addicted to it and get them to stay on facebook as long as possible.
Haha, one of facebook's early investers/ex facebook presidents said the following in an interview:
“It’s a social-validation feedback loop, exactly the kind of thing that a hacker like myself would come up with, because you’re exploiting a vulnerability in human psychology.”
So even an ex president of facebook is admitting this.
I also found the folloing a good one:
The underlying thought process while creating platforms like Facebook or Instagram is something like “How do we consume as much of your time and conscious attention as possible?”
Last but not least, the part I found the most scary:
“God only knows what it’s doing to our children’s brains.”
Yes, I find this scary.
Oh yeah and for the people who are going to call bullshit on this one, I've got one source and if you search engine on the title of that article then you'll find loads of websites having that story:
https://fossbytes.com/facebook-was-...26 -
Worst legacy experience...
Called in by a client who had had a pen test on their website and it showed up many, many security holes. I was tasked with coming in and implementing the required fixes.
Site turned out to be Classic ASP built on an MS Access database. Due to the nature of the client, everything had to be done on their premises (kind of ironic but there you go). So I'm on-site trying to get access to code and server. My contact was *never* at her desk to approve anything. IT staff "worked" 11am to 3pm on a long day. The code itself was shite beyond belief.
The site was full of forms with no input validation, origin validation and no SQL injection checks. Sensitive data stored in plain text in cookies. Technical errors displayed on certain pages revealing site structure and even DB table names. Server configured to allow directory listing in file stores so that the public could see/access whatever they liked without any permission or authentication checks. I swear this was written by the child of some staff member. No company would have had the balls to charge for this.
Took me about 8 weeks to make and deploy the changes to client's satisfaction. Could have done it in 2 with some support from the actual people I was suppose to be helping!! But it was their money (well, my money as they were government funded!).1 -
Never loose your hope ..
.
.
because once upon a time javascript was used just for form validation and jquery animation.6 -
!rant
The change log from notepad++ update. The last paragraph is the cream!
" The issue of a hijacked DLL concerns scilexer.dll (needed by Notepad++) on a compromised PC, which is replaced by a modified scilexer.dll built by the CIA. When Notepad++ is launched, the modified scilexer.dll is loaded instead of the original one.
It doesn't mean that CIA is interested in your coding skill or in your sex message content typed in Notepad++, but rather it prevents raising any red flags while the DLL does data collection in the background.
It's not a vulnerability/security issue in Notepad++, but for remedying this issue, from this release (v7.3.3) forward, notepad++.exe checks the certificate validation in scilexer.dll before loading it. If the certificate is missing or invalid, then it just won't be loaded, and Notepad++ will fail to launch.
Checking the certificate of DLL makes it harder to hack. Note that once users’ PCs are compromised, the hackers can do anything on the PCs. This solution only prevents from Notepad++ loading a CIA homemade DLL. It doesn't prevent your original notepad++.exe from being replaced by modified notepad++.exe while the CIA is controlling your PC.
Just like knowing the lock is useless for people who are willing to go into my house, I still shut the door and lock it every morning when I leave home. We are in a f**king corrupted world, unfortunately. "2 -
The problem with my life is acceptance from others. Validation (almost wrote vladiation).
For instance, I finished my course in Advanced Java Programming a few days ago. Supposed to be a year course or some shit, finished it in two months. They told me I don't need to go to the remainder classes and I could write the examination. Got the certifications, passed with flying colours.
Well done me? No, fuck you me. "It's not through Oracle, so it's completely useless. Har har you wasted your measly salary on a course and it means nothing". You know what? Fuck you and fuck validation. I will validate myself from now on.
Anywhom, what a start to a shitty rant. Let's go over some generic points so I can finally make my avatar.
IE can suck a duck ("oooh you made it and it runs fine in every fucking browser except fucking IE - slow clap).
Chrome RAM usage can suck a duck, two times. (just generic post, don't actually give a shit - I use Firefox).
People who can't use one fucking indentation standard ("oooh two spaces, oooh three spaces, oooooh a fucking tab button... " etc) can fuck off.
That fucker who came and converted my buildings in Age of Empires with the "wolololo" priest can fuck off too.
Been reading through devRant and you know what? You guys are pretty cool5 -
Rant rant = new Rant
rant.isRant = false // !!!
I woke up this morning after not thinking about my code for a day, and realized i had a flaw in my validation design. I fixed it before opening my eyes.
It's kind of amazing how not thinking about a problem can help solve it. Even if you don't know it's there!6 -
A client asked me to add a mobile phone field to a registration form and asked me explicitly to use their server side validation for it.
Apparently they need a valid provider prefix, but after that everything goes. This was passed as valid mobile phone number.11 -
"Your password must be between 8-20 characters and contain an uppercase letter, a lowercase letter, a number, a special character and a haiku about your childhood pet."9
-
Beating https://regexcrossword.com/ felt good.
But I have to admit: I could not beat the last one without breakpoint in the validation JS code. ;)
Being a web dev actually proved useful - free hinting system!5 -
Friend asked me to help with his HTML5 form validation. His back-end work was decent, but whoever did the front-end... Oh boy.
They used media queries for mobile etc, which was fine. Until I saw what the queries did. Instead of resizing the form accordingly, they hide the visible one and make another one visible.
WHY WOULD YOU DO THIS7 -
I was taking an introductory programming course. One assignment was to do a little payroll program, including some data validation. The program was supposed to accept terminal input and send output back to either the console or a printer.
Suddenly the printer began spewing out paper like crazy. One of the students (a particularly mouthy woman) had programmed a less-than-helpful error message ("YOU ARE WRONG") and then not provided any exit from the error-checking logic -- the program just re-read the last (failing) input and re-tested it. All in all, it was a very nice infinite loop.
After spitting through about fifty pages of "YOU ARE WRONG," somebody cut power to the printer, and the instructor had to flush the print queue manually. He went back to the student and asked if she had tested the program by sending the output to the console before trying to print it, and she said, yes, she had tested it on the console and ended up with a screen full of "YOU ARE WRONG" messages. Why, then, had she sent her output to the printer? "I thought I would be daring!"7 -
I hate this fucking front-end stuff so hard..
How DA FUCK is it possible that I set up the whole backend including DB connection, base controllers, models, base validation and stuff in an hour but don't get this fucking fucking retarded JS framework piece of shit to display a test string after ONE FUCKING HOUR!!!
Why do we need this shit anyway? Why does everything have to be shiny with some fucking animations???
It's about the information, isn't it? Then WHY DOES IT HAVE TO LOOK PRETTY???
I gonna travel back in fucking time to the early 80's!
Stupid front-end shit..23 -
Whoever coded tinder and bumble, fuck you for preying on desperation to try to make a quick buck.
Dating apps are just a tool for attractive folks to get quick self validation and for desperate folks to lose even more self esteem.18 -
My girlfriend...
We can't go longer than a few seconds without her saying something trivial and demanding validation from me 😂😂 Oh and trying to work while your lady is half naked sprawled out on the bed isn't very easy either...
Oh well, some things you just have to deal with in life.12 -
Root gets ignored.
I've been working on this monster ticket for a week and a half now (five days plus other tickets). It involves removing all foreign keys from mass assignment (create, update, save, ...), which breaks 1780 specs.
For those of you who don't know, this is part of how rails works. If you create a Page object, you specify the book_id of its parent Book so they're linked. (If you don't, they're orphans.) Example: `Page.create(text: params[:text], book_id: params[:book_id], ...)` or more simply: `Page.create(params)`
Obviously removing the ability to do this is problematic. The "solution" is to create the object without the book_id, save it, then set the book_id and save it again. Two roundtrips. bad.
I came up with a solution early last week that, while it doesn't resolve the security warnings, it does fix the actual security issue: whitelisting what params users are allowed to send, and validating them. (StrongParams + validation). I had a 1:1 with my boss today about this ticket, and I told him about that solution. He sort of hand-waved it away and said it wouldn't work because <lots of unrelated things>. huh.
He worked through a failed spec to see what the ticket was about, and eventually (20 minutes later) ran into the same issues Idid, and said "there's no way around this" (meaning what security wants won't actually help).
I remembered that Ruby has a `taint` state tracking, and realized I could use that to write a super elegant drop-in solution: some Rack middleware or a StrongParams monkeypatch to mark all foreign keys from user-input as tainted (so devs can validate and un-taint them), and also monkeypatch ACtiveRecord's create/save/update/etc. to raise an exception when seeing tainted data. I brought this up, and he searched for it. we discovered someone had already build this (not surprising), but also that Ruby2.7 deprecates the `taint` mechanism literally "because nobody uses it." joy. Boss also somehow thought I came up with it because I saw the other person's implementation, despite us searching for it because I brought it up? 🤨
Foregoing that, we looked up more possibilities, and he saw the whitelist+validation pattern quite a few more times, which he quickly dimissed as bad, and eventually decided that we "need to noodle on it for awhile" and come up with something else.
Shortly (seriously 3-5 minutes) after the call, he said that the StrongParams (whitelist) plus validation makes the most sense and is the approach we should use.
ffs.
I came up with that last week and he said no.
I brought it up multiple times during our call and he said it was bad or simply talked over me. He saw lots of examples in the wild and said it was bad. I came up with a better, more elegant solution, and he credited someone else. then he decided after the call that the StrongParams idea he came up with (?!) was better.
jfc i'm getting pissy again.9 -
Being a developer has it's advantages: I wanted to apply for a internet subscription for my home but my home adress wasn't recognized by the provider. So i wanted to send a complain form but this was only possible by providing it with a client number, which I obviously didn't have.
So this was my solution 🎉9 -
Oh my dear DevRant, please add code-formatting standards & check-style validation on submitted code snippets, because the wrong indentations of code snippet posts on DevRant is driving me crazy, check-style ftw!2
-
Me: ya hi, we integrated with your API and I'm receiving error x
Provider: ok we'll disable validation, plz check
Me: ya it works, what's the problem? I used a GUID for id and I'm sure it's unique, here is URL and request body
Provider: you have something wrong in your implementation. Fix it and it will work
Me: aaand what's the wrong part of my implementation?
Provider: id is not unique, fix it. *Hangs up*
I sometimes sit and wonder, how and why does this kind of people get hired, FOR FUCK SAKE YOU ARE THE PROVIDER AND YOU DONT KNOW WHAT THE FUCK IS WRONG!
fucking useless ...7 -
Rather than singling out one person, I wanna present what I see as incompetent/stupid/ignorant:
- no will to learn
- failure to follow the very specific instructions & later asking for help when they FUBR sth & not even knowing what they did to fuck up in the first place
- asking how to solve stuff, then ignoring the suggestions & doing sth totally against recommendations
- failure to remember most basic stuff, especially if not writing it down to look at later when needed
- failure to check logs & 'google' stuff before asking why something isn't working the way they want it
- after two weeks, asking me how feature xy works, mind you they coded it, not me
- asking me why they did something in a specific way - WTF, am I a mind reader?! Who designed that crap?! Me or you?!!
- being passive/aggressive & snarky when told to do something or being asked why isn't it done already
- not testing their shit properly
- not making backups when upgrading (production) servers
- not checking the input value, no validation.. even after many many debacles on production with null ref exceptions
- failure to admit they fucked up
- not learning from (their) mistakes8 -
My first actual rant on devRant:
Fuck corporate companies. Fuck agile development.
In the last 8 months I’ve been with this company, I’ve 1) made the app layout (which was super fucked) compatible with iPad. 2) reduced the apps size by 1/3 of the original size. 3) improved memory usage by double the efficiency, nearly eliminated all memory leaks. 4) gotten employee of the quarter for some of the above mentioned.
After all of this I got a talking to from product manager that “he knows I am a good developer but needs more consistency” after I spent a sprint on one story trying to consolidate front end validation logic and make a “validatableTextField” actually do some validation. So much for the MVVM you promised me.
Also, was promised I’d get some experience with Android, and with a team of 8 devs 6 of which have droid backgrounds and other two are juniors, guess whose only even built the droid project once in 8 months? You guessed it. This company has drained me of all of my knowledge, went against most of its promises to me, and values pushing features to the point of adding tech debt faster than I can solve it.
Unfortunately my personal life relies on this job or I’d quit right away. But you bet your ass I’m passively looking for something and I can’t wait till I get a job offer and quit on these ungrateful hypocrites.5 -
teenage me: "people asking me to help them with the printer or simple tasks are so annoying"
now: helps anyone with anything just to catch a break and get some validation2 -
Junior coder says validation is not needed on asp.net mvc form pages because it is not in the requirements or part of the definition of done. Wants to argue about it. Refuses to do it. Says I am over optimizing or some shit like that. Good luck with that. If you can't figure that one out or listen to feedback perhaps you should become a project manager not a programmer.11
-
I'm moving some old data into a new database.
It contains some dates that *should* be in ISO 8601...
This is some of the trash that I found:
01/01/70
2010-11-05T08:06:48T08:06:03.7
2007-09-13T
Moreover, it has a column which *should* contains numbers, instead it has been defined using varchar, so it contains also some wonderful 'NaN' values.
I really would like to beat the person who set up all this stuff without some basic validation policies.9 -
Thanks to Devrant I've learned about rubber duck debugging. Never heard of it before! It reminds me of a story many moons ago when I worked for a certain multinational company as a business analyst. The company brought in some consultants who basically stole the work my team was already doing on a big project (a horrendous series of spreadsheets linked to data coming from the core systems) and sold it back to the company for an insane amount of money as their idea.
When they launched the new product, the team I was in was asked to test and review it. It took my colleague ten seconds to bring the whole thing to its knees and trigger a corrupt data export back into the core systems. Bearing in mind this external company somehow managed to charge tens of thousands of pounds. So what did my colleague do? Hack the system? Some kind of complicated sabotage? Nope. He typed "FISH" into one of the spreadsheet cells! Thus the FISH test was born.
That day I learned several things: it's easy to break things with a fish; the importance of validating your input; and the satisfaction of showing up the smug bastards who stole your ideas and work.1 -
Me : I should start building user authentication system.
inner self : there are enough free and secure ones out there, just go read the documentation.
Me : fuck I'm not reading 10000 pages of documentation written in alien language.
inner self : well then you better start building
Me : **writes code
Inner self : you better add the data validation and security while coding
Me : I just want it to work !
Me after a few days trying not to suicide : the site is hacked, the code is bugged, hello darkness my friend5 -
When starting a project at work:
My name everywhere. Every file, every change-list I proudly put my name to prove my skills.
Program goes for validation:
Thousands of bugs.
Realize that I've written shit code. Slowly removing my names from all over the code. -
You know what really grinds my gears?
When a manager writes up some bullshit "this doesn't work".
Then you waste your time following up, and they say, "oh yeah, this so and so pop up came up with validation error X".
YEAH? AND I'M SUPPOSED TO KNOW THAT WHEN YOU WRITE ABSOLUTELY NO STEPS TO REPRODUCE, JUST COMING TO ME WITH "HEY, X IS BROKEN" GOD JUST GET FUCKING 1% TECHNICALLY LITERATE THATS ALL I ASK FOR I'M SO SICK OF YOUR SHIT2 -
Today was epic.
I made the first formal demo of the mobile application I have been working on for the past three months, and the whole team of the start-up I work at were all psyched about it. I got compliments from everybody.
Since I am the only tech oriented employee, what I do is pretty obscure to the rest of the company and I was not expecting such reactions and it was awesome. I'm proud of what I achieved, and the undivided validation made me feel like I own the world, even if I have still much learning to do.6 -
Today for the 4th time I explained to my colleague that just because the front end app can perform validation doesn't mean the backend shouldn't. Every fucking time for all of them.8
-
To all the web developers out there that use email validation, stop using a check for common domain names! If I try to sign up with my email address (something@coded-websites.be) it won't work! So stop doing that and use a RegEx please! Who has had this problem too?11
-
Just got a lection from my manager.
Today he sent me an email with request to change validation on one field validation from decimal(5,3) to int which will be 5 digit number. Ok i did that, I changed it on UI, changed validation, changed mappings, changed dtos, created migration files, and changed it in databse. After i did all of that I replied to his email and said that ive changed validation and adjusted it in database.
After my email here comes rage mail from manager with every fuckin important person in cc I kid you not. Manager is asking why the fuck did I change database when Ive could only use different validaton for that field on UI.
I Almost flipped fuckin table. What does validation good do if you wouldnt be able ti save that form? And form has like 150 fields. And if I left validation only everthing would fuckin break.
Sometimes i think that its better not to think.
FML7 -
I felt uncomfortable reading this response from the server ._. ( response is from a validation library called Joi )7
-
Yes you can have hyphens in email addresses, you incompetent nincompoops!!! Just use the standard regex for email validation and stop trying to make your own rules!!!!21
-
team lead: what is the minimum lenght validation on the first name field?
dev: i decided to put minlenhgt 3
team lead: why? did you tests it
Dev: i tested it. 3 makes sense to me
Team lead: isint your first name 2 letters long?
Dev: oh i dodth think about that4 -
dear api author at my company pt. 2:
If you're gonna create an api method that takes some arguments.
And one of those arguments is an array.
THEN MAKE THE FUCKING ARGUMENT'S NAME PLURAL YOU FUCKING PIECE OF SHIT.
REPEAT WITH ME, MOTHERFUCKER.
ARRAY, PLURAL, NON-ARRAY, SINGULAR.
I need to pass a shitload of filters for the data for this table, and for every suckin fuckin filter I need to singularize this shit. Thank god for es6.
I know this sounds like nitpick, but I swear to fucking alpha omega this guy is inconsistent as fuck.
Every time it feels like he makes up a new rule.
Sometimes I need to send arrays of ids, other times arrays of objects with an id property on each.
He uses synonyms too, sometimes it's remove, other times erase.
PICK ONE MOTHERFUCKER.
If you can't do the basic things well, then what is to expect of more advanced stuff?
Naming conventions you fucking idiot, follow them. It's programming 101.
You're already sending them as plural in the fucking response. Why change them for the request?
And that's just style, conventions.
This idiot asshole also RARELY DOES ANY FUCKING CHECK ON THE ARGUMENTS.
"Oh, you sent a required argument as null? 500"
We get exceptions on sentry UP THE ASS thanks to this useless bone container.
YOU'RE SEEING THE EXCEPTIONS TOO!!!!! 500'S ARE BUGS YOU NEED TO FIX, YOU CUMCHUGGER
And sometimes he does send 400, you know what the messages usually are?
"Validation failed".
WHYYYYYY YOU GODDAMN APATHETIC TASTELESS FUCK???
WHAT EXACTLY CAUSED THE FUCKING VALIDATION TO FAIL????
EXCEPTIONS HAPPEN AND THANKS TO YOU I HAVE NO IDEA WHY.
The worst of all... the worst of fucking all is that everytime I make a suggestion to change shit, every time, you act like you care.
You act like the api is the way it is because you designed it in a calculated manner.
MOTHERFUCKER. IF A USER HAS ONLY PRODUCT A, THEN HE SHOULDN'T BE ABLE TO ACCESS DATA FOR PRODUCT B. IT IS NOT ENOUGH TO JUST RESTRICT SHIT WITH ADMIN ROLES. IDIOT!!!!!
This is the work of someone who has no passion for programming.10 -
We (as new hires) had to add a fallback logic for input validation on every input element using only JSP and Spring controllers just because the client still uses IE6 and fucking disables Javascript!!5
-
We have an API available for our customers to integrate our software with their Webshop.
A client and their developer complained because not all of the products came through. I checked the products, the validation, the parameters, the database .. everything looked fine and I was scratching my head why these articles wouldn't come through (but it did work at my end).
After some time, I checked the request logs..
Apparently it wasn't quite clear for them that a loop is required with the 'skip' and 'take' parameters to create an offset for pagination.They only synchronised the first 500 products.. everytime..
We have a limit of 500 products per batch (take) for performance reasons.
They asked if we could increase this limit, because they have "a large range of products" (not really, only 800 or so and we have clients with more than 2mil. products..) Oh pls.. I've sent them a link to the PHP manual for a basic 'while' loop..2 -
This rings true even if the customer is internal. Built a feature and provided documentation on how to use it and one of the end users still used it wrong.
It was a simple validation process too. Input the member ID then click validate, the app then checks if the person is in the system and fills in some other fields and does some other backend stuff. How could you get that wrong?! 🤔7 -
Me: "The exploit worked when you tested it too, right?"
Them: "..."
Me: "You tested it too, right?"
Them: "..."
*facepalm* -
Today I read one article. A guy last name is "Null". Every time he gets frustrat when filling online forms. Most of forms validation will not accept "Null" as a value.
here's the link to article
http://www.wired.com/2015/11/null/1 -
I made a functional parsing layer for an API that cleans http body json. The functions return insights about the received object and the result of the parse attempt. Then I wrote validation in the controller to determine if we will reject or accept. If we reject, parse and validation information is included on the error response so that the API consumer knows exactly why it was rejected. The code was super simple to read and maintain.
I demoed to the team and there was one hold out that couldn’t understand my decision to separate parse and validate. He decided to rewrite the two layers plus both the controller and service into one spaghetti layer. The team lead avoided conflict at all cost and told me that even though it was far worse code to “give him this”. We still struggle with the spaghetti code he wrote to this day.
When sugar-coating someone’s engineering inadequacies is more important than good engineering I think about quitting. He was literally the only one on the team that didn’t get it.2 -
Did you know that talking about your goals actually decreases your chances of reaching them? It's a form of social validation. Talking about them and receiving praise from your peers in a sort of mini-goal which could replace the actual goal so you are less motivated to actually go for the real goal. Best of luck anyway! May the odds be ever in your favor when facing procrastination😂1
-
What.. the actual... fuuuuuck?!
Browsing through changes on TFS (yeah, yeah boo me for using TFS instead of git if you like, I don't care, most people use/prefer TFS here, so I conform 'to the standards'..)
Anyhow, going through changes, looking for the one where some comment appeared..
'a wild comment appeared'.. tadaaah!
Checked the rest of changes.. Hm.. Someone did a validity check.. that returns the 'false' if not passed.
// OK, great! They are finally testing their shit and fixing stuff..
But apparently then they decided it is OK to do all the shit anyways.. so WTF?!
Why even bother validating it?! Oh yeah, forgot... cuz in case it returned false YOU WERE NOT SUPPOSED TO LET SOME STUFF HAPPEN!! But they weren't assigned with that exact task I guess..
TO DO:
- do the validation algo // fml, not going into how fucked up that was written..but it was horrible!
- do validity check where appropriate/needed
- test validity check and that it doesn't break functionality
+ check if the validation actually logically works?! nope, not on my to do list, not my job..
All done, better not actually do something that requires you to think.. :\
How the fuck that happened?! How can one person be assigned to check if something is stupid/wrong?! and when checking (&confirming) still lets the customer do that shit anyways?! What's the point?! O.O13 -
Woke up this morning to a fucking giant snowstorm and my first reaction was 'fml' , poured some coffee , lit a smoke and started checking my work mail 'Issue xxxx response : Not solvable '...what the...I go through the files on my phone , look at what that issue was : lack of proper validation , filtering and encoding of input thus enabling xss . Not solvable my ass ...simply adding literally 3 more characters to that fucking retarded filter would stop all the bypasses . This issue is a showstopper for their project and that is what they answer ?
Sorry to indians out here but some of your colleagues are as stupid and unimaginative as they can possibly ever come .8 -
Fuck uninspired jr devs that are simply collecting a pay check.
I have been handed a project that a jr dev was allowed to wallow on for over two fucking years. This lazy mother fucker managed to create 5 functions, a whole fucking mess of bullshit that I now have to straighten out on top of the 8 other things that I have to deliver on in the next month.
They never followed requirements. Not-a-one. The API is fully broken. The DB schema is BEYOND fucked. There's ZERO validation/sanitation on I/O. The deployments only work half the fucking time. Their code is so spaghetti I'm getting triggered from when I worked at Olive Garden with Eminem. But hey, at least they were able to demo it to the client to say "it works".
I don't condone violence, but every time I find malformed if statements, linter exceptions, broken deploy configurations in this project -- I just want to kick them in their stupid fucking face.
Wherever you ended up you piece of shit, I hope your dreams of becoming a rich asshole only bring you unending despair. I believe you can make it though, because you're already halfway there.5 -
I had to make an account for my kid's school.
Last night I start. I put in a username, then it has a quality meter for the password. I put one in and it goes to like 90%. Ok, fine. I submit and...
Validation error on the username field. Message? [object Object].
Try all different kinds of username: no numbers, all caps, etc. But no luck so I give up.
Today I try again and get stuck again. Then I think... "Maybe the devs suck worse than I think..."
I change the password so that it's rated 100% and submit... Success.
Fucking devs.3 -
PayPal always making me laugh. A photo I tweeted some years ago...
Translation:
Placeholder: (Optional)
Validation: This field is mandatory1 -
What's a bigger sin.
Returning a status code of 200 and then the message body saying "An Error Occurred"
or
Only performing data validation on the frontend.18 -
Putty remote executuon vulnerability(no patch yet)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to unspecified input validation error when processing data, received from SSH server. A remote attacker can trick the victim to connect to a specially crafted SSH server and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.7 -
One of my classmates was working on a login form, and the fucker handtyped a 100+ character email validation regex but forgot to add a check to make sure no fields were blank.
It was funny when I was able to create an account with no username, breaking his website, and even funnier when I told him html forms have a built-in email pattern5 -
Want to be likeable or get your way through people?
No need to sell ice cream, just validate those insecure souls.
Wide majority does not want their fragile bubble to be broken even if they are suffocating within.
All they seek is validation. That's fucking it. That's the secret.
If someone asks you for some opinion or support, most of the time they are just want to hear how great their mediocre thought process is.
Someone's lack of ability accept criticism and grow is the sole reason they are stuck in quicksand situation and only drowning further.
An unethical social skill but this will take you a long way and also help you stay sane from the insecure narcissistic scums by avoiding toxic interaction.
JUST VALIDATE THEM.27 -
I coded the app so good
I optimized the UX SO GOOD
I made the UI look GOOD
I made the error handling and input validation ROCK HARD SOLID BULLETPROOF
NO FUCKING WAY COULD YOU FUCK THIS UP
NO WAY COULD YOU BE DUMB ENOUGH NOT TO KNOW HOW TO USE IT AND NOT FUCK IT UP
I GAVE IT TO MY DAD AS A NORMAL USER TO TEST THE APP AND HE FUCKED IT UP ON THE FIRST TRY
HE DIDNT UNDERSTAND THE UX.
.10 -
Me: After 3 days of deliberation, I finally picked a framework, I can jump into the rewrite
*2 hours of inspired coding later
I finished the configuration validation and logging setup! What was that framework again?1 -
Don't you just hate filling a sign-up form which is validated to such an extent that it even requires everything to be entered in capitals. UGH! JUST CONVERT TO CAPS IN YOUR BACKEND FOR GODS SAKE!!!1
-
So, according to my customer, the internal app I just released is "far too aggressive and not overly polite to users".
After querying this the client was referring to validation error messages.
Where I've wrote "Set a payment method before creating the order", the client would prefer it to be ""Please set a payment ...".
I guess it's a fair enough observation, but the client's phrasing made me chuckle :)3 -
Can companies please check their address policy for consistency before implementing some bullshit constraints? Literally happened minutes ago:
Me: __enters address "city"__
Website: Hey, I auto-correct your city to "City (Region)"
Me: __submits form__
Website: Whoa there, you can't enter braces in your city name!2 -
HTML quick maffs
If you want to have a placeholder for native <select> element, just do the following:
<option value="" selected disabled hidden>Choose...</option>
It will make a native placeholder that:
- is accessible and readable by screen reader
- doesn't show up in options list
- allows native validation with "required" attribute (note the empty value attribute in the placeholder option).
It's unfortunate that we don't have it the way we have placeholder in inputs, but this is the next best thing.3 -
A team at school spent 3-4months on an eStore web app, for selling items. The title was "Securing your eStore".
When they were done with their presentation, the examinator asked: "But... You haven't said a thing about the security part."
"Oh, sure we did, as we showed you, we added validation on the email address and credit card text fields etc. If you press the Pay button here, you will get an alert()-dialog telling you which fields are invalid..."2 -
'17:15' < '09:45' === false
'5:15pm' < '9:45am' === true
I either need a language with a stronger type system, or coworkers who understand that comparing raw time input in validation is a bad idea 😡6 -
Fulfillment company: the order you put in our system is wrong, the hours we needed to correct this will be charged to you (Red: or rather my employer)
Me: *Checks logs and our server - finds out the order was made in their own webform/webapp*
Me: hey how come I can put in values in your webform that should not pass sanity checks, thats weird (in this case it was a product w/ a quantity of 0)
Fulfillment company: we don't do sanity checks or validation, we just find out when shit crashes and burns, nothing weird about that
Me: WTF1 -
UX quiz:
a) trim whitespace characters from credit card or bank account input
b) refuse transaction, show error message: "no spaces are allowed in the card number"13 -
Just had my last day at my current job last week. I got this amazing virtual card with 20-30 people telling me how amazing I was and how large of a difference I made. I’m not someone that seeks or needs validation, but to see those comments in writing really made me feel good and like I made a huge difference.4
-
API Request validation is stupid.
Until you remember
* Your target audience is highschool students
* Your front end dev loves to fuck your stuff up
* His mom works in QA and she equally likes to fuck shit up
* It's just a good idea
* People just fucking suck8 -
Dont become a dev if you:
- Cant sit in the office for 8-10 hours a day
- Dont know how to google information/ errors, instead you interrupt your teammates with stupid questions every 5 minutes
- Are a perfectionist and don't like constant change.
- Are neurotic and give up easily. If you get triggered about broken or messy things to the point where it ruins your day to you and everyone else around you. You need to separate your work from your life.
- Don't have good communication skills. Worst I saw was a guy who speaks with a stutter(nobody understands him) and also writes very poorly (nobody understands his emails). Also he gets very angry when you ask additional questions to clarify what he said. How can you work with someone like that?
- Are very sensitive to critique. I prefer someone telling me that my code is shit and telling me why, instead of feeding me delusions and false validation.
- Dont know how to balance working in team and working solo. Nobody likes lone wolfs who are arrogant and not in sync with the team. But also nobody likes to drag teammates who cant think for themselves and even after years of spent in the field are required constant spoonfeeding because they are unable to google and teach themselves with trial and error.14 -
I just created a free Spotify account using the email spotify@spotify.com. The leisurely breeze that is the input validation team's work at Spotify.2
-
What the actual fuck...
What kind of API does not do data integrity validation, and allows me to subscribe a user to a newsletter list with a non-existant list id ?
That's some fucking bullshit. fucktards at www.make.as1 -
List of shit my superior said and wrote in the project:
1. Prefer to write "pure" SQL statement rather than ORM to handle basic CRUD ops.
2. Mixing frontend and backend data transformation.
3. Dump validation, data transformation, DB update in one fucking single function.
4. Calculate the datetime manually instead of using library like momentjs or Carbon.
5. No version control until I requested it. Even with vcs, I still have to fucking FTP into the staging and upload file one by one because they don't use SSH (wtf you tell me you don't know basic unix command?)
6. Don't care about efficiency, just loop through thousands of record for every columns in the table. An O(n) ops becomes O(n * m)
7. 6MB for loading a fucking webpage are you kidding me?
Now you telling me you want to make it into AJAX so it'll response faster? #kthxbye2 -
Got a ticket saying we need our website's record creation wizard to have better validation. No worries, just some regex, right?
Sure, regex for name entry (with the usual white person assumptions about names), and fixing the fact that it's in-page popup doesn't close on save. Or save draft. Or delete.
And also you need to apply the name regex for the fields on this page to all the previous names that the user lists.
And there's that one issue where the address history message always shows no matter what.
Oh and make sure that if they choose to ignore those validation issues then the validation message is in the notes for the record.
And fix the thing where it saves as draft instead of as a normal record.
And and and and and...
Can we just talk about making it 1 problem per ticket? This sort of shit makes me look bad when it takes me a week to fix 1 ticket, when I'm usually a few-a-day kinda person5 -
In vulkan we don't say it works we say
VUID-vkAcquireNextImageKHR-fence-01287(ERROR / SPEC): msgNum: 207921847 - Validation Error: [ VUID-vkAcquireNextImageKHR-fence-01287 ] Object 0: handle = 0xe7e6d0000000000f, type = VK_OBJECT_TYPE_FENCE; | MessageID = 0xc64a2b7 | vkAcquireNextImageKHR(): VkFence 0xe7e6d0000000000f[] is already in use by another submission. The Vulkan spec states: If fence is not VK_NULL_HANDLE it must be unsignaled and must not be associated with any other queue command that has not yet completed execution on that queue (https://vulkan.lunarg.com/doc/view/...)
Objects: 1
[0] 0xe7e6d0000000000f, type: 7, name: NULL
VUID-vkAcquireNextImageKHR-swapchain-01802(ERROR / SPEC): msgNum: 1050126472 - Validation Error: [ VUID-vkAcquireNextImageKHR-swapchain-01802 ] Object 0: handle = 0xcb3ee80000000007, type = VK_OBJECT_TYPE_SWAPCHAIN_KHR; | MessageID = 0x3e97a888 | vkAcquireNextImageKHR: Application has already previously acquired 1 image from swapchain. Only 1 is available to be acquired using a timeout of UINT64_MAX (given the swapchain has 2, and VkSurfaceCapabilitiesKHR::minImageCount is 2). The Vulkan spec states: If the number of currently acquired images is greater than the difference between the number of images in swapchain and the value of VkSurfaceCapabilitiesKHR::minImageCount as returned by a call to vkGetPhysicalDeviceSurfaceCapabilities2KHR with the surface used to create swapchain, timeout must not be UINT64_MAX (https://vulkan.lunarg.com/doc/view/...)
Objects: 1
[0] 0xcb3ee80000000007, type: 1000001000, name: NULL
and I think that's beautiful10 -
I am stuck with another Postman.
Attrition in my current org is way to high in product teams and we have only one designer shared between ~100 people (10 product lines).
My ex-lead (a genius) and my skip level manager (very smart chap), both keep saying that my manager is a very good manager.
However, in reality, I don't find so.
- Only responds to my questions
- Ignores any other form of communication
- No help on any front
- No support or validation on my tasks (hence, I have to actively keep asking for feedback)
- Regularly cancels 1:1
- Involves other team members in 1:1 and cancels theirs as well
- Says I am doing well but keeps nitpicking in my work
- Hardly reviews anything
My company is amazing, pay is good, perks and opportunities are wonderful, kickass learning but my direct manager isn't making me feel comfortable working here.
Maybe she is too cramped with responsibilities but again, I have never seen her deliver anything and all she does is a postman job of taking inputs from her manager and pass on to me and coordinates until me and her manager decide to jump on a call and figure things out ourselves.
It's just been 3 months and I feel more annoyed than worried about being here.4 -
Am I going crazy or is the web dev community on some otherworldly drug?
Now "server-side"-whatever is the coolest thing ever?
To the point where client side validation is not recommended anymore and actively discouraged? Are you kidding me? So, you mean to say after filling a long form with millions of fields, the page will RELOAD when I press submit and after waiting an eternity for your shitty server to respond then and only then will I know what fields are invalid?
GTFO with that bullshit.
How in the world is that good UX/UI?
I've always had this theory that we humans are the dumbest species to ever walk this earth. I mean, serisouly, how is this even a thing?
Imagine if a mobile app had to restart to tell you that your email is invalid in a simple form.
But.. but... but... what if the client has disabled javascript? Then fuck them! Who the fuck cares? What's next? Some dumb user is still using Android 2.1 Eclair and we should make our app support them? Fuck no! Fuck them, they should update.
Newsflash, if Javascript is disabled, then pretty much everything will be broken anyway.
Form validation should be instantenous. This isn't rocket science.
It should happen as the user types so they can see what's valid/invalid in real-time.
This does require effort and consideration, something many devs lack apparently.
This is just ridiculous.27 -
Neat: MongoDB. Fairly easy to use, intuitive-ish JSON API. Thinking about using it on a project. Excitement.
Neater: Data validation. You can have it drop writes that don't match a schema. Excitement intensifies.
Braindead: It absolutely will not tell you exactly *why* the write doesn't meet the schema, leaving you to figure that out on your own, smart guy. Mongo smugly crosses its arms and tells you to go back and do it right without actually telling you what the problem is.
Fucking braindead: This has been an open feature request since year of our lord two-thousand-and-fucking-fifteen. https://jira.mongodb.org/browse/...7 -
Me: The dev agency didn’t follow best practices. They only implemented front end validation on the form. The form submits to a public endpoint, so bots don’t have to go through our site to submit the form. That’s why our database is still filled with $1 donation transactions. I honestly recommend telling this to the dev agency and request that you not be charged for the extra work needed to do this right.
Manager: They charge $95/hr and they’re billing for 8 hours already.
[Aside: The agency’s task was to implement a $10 minimum on the form, do some text changes, and deploy.]
Me: I would expect work to be done according to accepted best practices. It’s really a half done job.
Manager: But they were very helpful when we had that payment processing emergency. They stayed late to help us. We shouldn’t push this in case we need their help again. Can you do the backend validation? [We are in US and agency is in Lithuania.]
Me: 🤬😩😑🤐[To myself: This wouldn’t have happened if the fundraising team hadn’t panicked and would only wait until I came back from my one day of PTO.]1 -
Yes, a plus, i.e. `+`, is a fucking valid char for an email address.
Your online service is shit, you don't know your craft, and you should feel bad about yourself!
But you thought email is fucking simple, google for email validation regex and took copy pasted the first fucking find from some random blog that validates anything but an actual fucking valid email addresses, didn't you!?
(Funfact, the plus sign allow to create email aliases in some free mailer services. GMail for instance. That's why I l like using emails like my.actual.mail+I_KNOW_WHY_YOU_ARE_SENDING_SPAM@gmail.com as my registration email. Also, brute-force that login email.)3 -
Our invoice report crushed because someone paste an invalid character which devExpress couldn’t handle.
I told boss we should trim and run regexp test for all string input.
Got rejected.
Why?!?!?!🧟♀️🧟♂️🧟♀️ 🧟♂️3 -
I may not be a dev... (learning in my off time though, best thing ever) but I have been responsible for the computer system validation, requirements definitions and planning of a new piece of software that will have a major increase in effeciency for a division consisiting of over half our companies employees.
For months it has been a painful process. I have had night terrors, immense pressure on my head all the while thinking we are getting to that final goal (live deployment), and the light at the end of the tunnel has just seemed to be getting further and further away... Like a donkey chasing a carrot on a stick.
After all the grey hairs, stress and drinking I am finally going to deploy this thing to the live environment tomorrow. Funny thing is its the part of this process that managers are stressing about and I am here like... Oh wow my Friday just got a whole lot better1 -
Did you know, that you can just type 'thisisunsafe'? This will tell Chrome to skip certificate validation 🤯1
-
I hate dumb variable names as much as I hate people who don't signal when they drive.
Never mind the fact that there's a validation-state variable inside his controller, separate rant.1 -
Looking for a second opinion/validation.
*Me: “Perhaps this simple and concise way to ensure the user doesn’t lose their data before they leave the page that requires non-zero yet minimal input from the user. (Read: ya gotta push a save/submit button)”
*Everyone else: Let’s pretend to read the user’s mind and perform relatively complicated functions behind the scenes, of which the user will most likely be unaware, that will add an undetermined amount of complexity to the development because we think it’s “where things are going,” by saving the value of a certain HTML element as it loses focus.
Edit: this is an exclusively-internally used app.4 -
Using cookies for verification and validation without encrypting the values which should have been handled in the backend without any use of cookies.
I wonder how vulnerable by website was... -
Some hacker went through a lot of trouble to get around a minimum order amount on our site. And they’re still hitting us after Cloudflare issued a bunch of blocks. Well, there are some back doors I have to finish closing. I guess I’m lucky I’m just inheriting this site and I’m not the one who built it. But I’m still unlucky because I have to fix this mess. But damn hacker, why’d you go though all this trouble to get around existing validation. Go find another site to charge $1 amounts and test your stolen credit card info. Pretty please 🥺
-
javascript generated captcha and javascript captcha validation in my university website... over hundred thousand students use this website to check results
function ValidCaptcha(){
var string1 = removeSpaces(document.getElementById("AVCODE").value);
var string2 = removeSpaces(document.getElementById("UVCODE").value);
if (string1 == string2){
return true;
}
else{
alert("invalid captcha");
return false;
}
}
function removeSpaces(string){
return string.split(' ').join('');
}1 -
Just discovered one of our core systems had literally used api key validation of "drop into database, if exists, its fine"
Well, around 30 seconds later, I have successfully authenticated with apikey "%". Wonder why.... Sigh... Patch already pushed, but still it left bad taste in my mouth...
lesson for beginers:
validate, validate, validate. If user could touch it, treat is as broken unsafe and if used it will nuke your home. check if it will, than use it. -
Today when registering myself for a website I was asked to validate my email address. Literally I was sent an email with only "Please verify your email" in the body. So I responded with "ok". Lets see how long it takes for them to realise their mistake.3
-
One of the online education tools my high school used had client-side validation for test answers
As if that wasn't bad enough, the correct answers were literally marked by the CSS class 'correct', meaning that any idiot who could figure out how to open the devtools could see the correct answers
Thankfully, this program was ditched before it was used for anything major2 -
You may know I love to hate tests. Well not the tests actually, what I hate is the TDD culture.
DBMS schema in my app dictates a key can either have a value, or be omitted - it can't be null, and all queries are written with that in mind (also they're checked compile-time against schema). But tester failed to mock schema validation, inserted a bunch of null keys with mock data, actually wrote assertions to check those keys are null (even though they never should be), and wanted me to add "or null" to my "exists" queries.
No, we don't need more tests, and you're not smart with your "edge cases" argument. DBMS and compiler ensure those null values can never exists in our DB, and they're already well tested by their developers. We need you to stop relying on TDD so much you forget about the practical purpose of the code, and to occasionally break from the whole theoretical independent tests to make sure your testing actually aligns with third-party services some code uses.
And no, we don't need more tests to test your mocks, and tests to test those test, and yo dawg, I heard ...5 -
Not adding input validation to that one page that time.
I knew my users were bad. I knew they'd fuck up. But I trusted the spec I trusted them.
Never again. -
I was just going to sign up for a new ISP when they asked for my email. But they managed to screw up the email form validation by only allowing domains with the tld comprising of two or three characters! My email address ends with “.blog” so had to use my university email 😠
Please follow the RFC6 -
First real dev project was a calculator for a browser game, that calculates the optimal number/combination of buildings to build. I got bored constantly doing it manually, so I made this program as a fun and useful challenge. It involved basic math, and I did it in VB.
Second one was a stats tracking page for my team in another browser game, that let us easily share and keep track of stuff. It allowed us to minmax our actions and reduced the downtime between actions of different players. HTML, CSS, JS, PHP, MySQL.
Third one was a userscript for the same game that added QoL features and made the game easier to play. JS
Fourth was for the first game, also a QoL feature userscript, that added colors/names, number limit validation to inputs, and optimization calculators built in the interface. It also fixed and improved various UI things. Also had a cheating feature where I could see the line of sight of enemies in the fog of war (lol the dev kept the data on the page even if you couldnt see the enemies on the map), but I didnt use it, it was just fun to code it. JS
From there on, I just continued learning and doing more and more complex shit, and learning new languages.2 -
"Can you look at this bug when inputting negative numbers?"
I check the app and think, "negative numbers don't make sense here".
Sure enough there is validation in place to prevent negative numbers being typed.
Yet they still managed...
By pasting in negative numbers, after being unable to type them, thinking "fuck it I'll paste it instead", then complaining to us because they abused our app.
Seriously.
Fuck.
Off.2 -
WTF?!? so apparently I guy I know, knows the guy who built dodeley.com (don't get me started on the name!)
Oh boy... Where should I begin? So besides the fact that I'm pretty sure these newsletters will be classified as spam (aites like mailchimp and so on actually pay large mail providers not to classify them as spam, I doubt they do...), their so called "widget" is just a form, sent to their domain using GET, FUCKING GET, NOT POST, GET!!! The request looks something like "dodeley.com/?action=subscribe&id=xxx&field1=xxx&..." I mean like, WTF? Oh and their solution to not leave the page is simply to add a target="_blank" to the form, that you have to include on your site.
Did I mention, that the form id is static? Did I mention, that there's no validation on what you enter?
Who the fuck programmed this shit? Honestly!1 -
It annoys me when restaurants provide an online form for reservations, put in their disclaimer that "no reservation = no table", but when you make the reservation things go wrong.
For starters: their infrastructure not working on weekends (while they are open on weekends), them doing manual instead of automatic validation of a reservation, them not even knowing how to manage their own reservation system (which gives me the idea that they purchased some random reservation software).
I ended end having to call them about my reservation, they had a confused voice at the phone while they were navigating their own reservation software and ended up saying "Yeah ok table is booked, bye". I understand they're stressed out but come on, I don't think this is a modern nor graceful process. If you're boasting about having a reservation form, then at least live up to it. It reminds me of another restaurant where I had made a reservation online and when I got there, they told me "Next time book by phone please, we're not used to our software". For *********** sake.
Bah.1 -
I was think of using ajax to pass data from javascript to php because of some validation to my multiple checkbox, then before i go home the idea hit me to just use validation in php with some basic variable manipulation and if else, i just wasted 2 hours of searching just to arrived at a basic solution, i think it's much better to think before you code about what you want to do,but when i open my text editor i get distracted a lot.11
-
My email is just as valid if there is a whitespace at the end of it as if there wasn't.. ffs, just add a trim!
-
If you’re a Russian ux engineer who is present in a Russian ux community and you fucking make your form validate on change event and that leads to the situation when a user starts entering their email and your bouba form immediately throws WRONG EMAIL errors, we don’t call you a bouba.
We call you a ебанок (ebanok) — a small, stupid and miserable creature that you can only feel hatred mixed with disgust towards.
This shit is acceptable if you’re an intern making their first shy steps creating their own personal project, but if you push this to production, you’re a ebanok. If you don’t know how to do ux, just use server-side validation or display errors with alerts on submit.
You fucking ebanok.7 -
TFW looking at the regex for the password validation is easier than trying to decipher wtf they want16
-
!rant
We were finishing another sprint of our grocery shop site at school and it was time for a demo.
There we are, showing our work before the other students. Our teams have a healthy habit of always checking each other not to leave some stoopid mistakes in the final versions, so everybody always regExes and validates THE SHIT out of every input field, both in the view and on the server side. But this one team found out that sometimes it's not enough.
Like every team, they're asked to buy a negative value from their shop. The guy clicks through the process, buys exactly -1 of a banana. He clicks the button to purchase and the site returned "Added banana to the cart!" and we're like "haha n00bz". But someone asked them to show the cart and everyone stopped immediately.
There were 9999 bananas in the cart.
Turns out the member responsible for purchase validation made it add 10000 if the quantity of a bought product was negative.
To this day I can't understand why he did that. xD4 -
Create a html page on paper, a simple form.
That part was easy.
The hard part was to create the ajax submit function with the validation, jquery is ok.
Failed the test because no way i can remember those shit.
That was 6 years ago -
In my experience object oriented is very good for composing high level abstractions into a complete system. Functional is awesome for validation, parsing and massaging data in any way and imperative is tithe most useful paradigm to handle side effect dependent code that either manipulate the computers state ( read/write) or communicate with external systems.
The people acting as if one of them is the one true way are misleading you.3 -
In a helper for a testing environment there was a flag called CheckLayoutConf. The documentation stated: if set checks if the layout configuration is valid and fixes it. I was curious about the validation and fixing mechanisms, so I looked into the code. But if the flag is set, then the layout configuration is just deleted, so in the next start of the program a new default layout configuration is created. Nice "validation" and "fixing" you for there, I thought to myself.
-
context: I'm sort of a self-deprecating guy and I really don't look for validation.
So, i decided to fuck it. I tried to provide the best decisions in terms of money-wise/biz-wise but apparently this guys rather choose what he believes is best for the code... (he knows shit of coding and that's coming from someone who is not a software engineer but rather a physicist who happens to code).
So, now i let him make all decisions. no opinion from me. a few things are going to shit because of him... fuck it. i had it. as long as I get paid. fuck him.
this is probably common... sorry for the rant.7 -
Me waiting for my neural network model to finish fitting. Omg, what do I need? A computer the size of the enigma machine just FILLED with graphics processors? And my validation accuracy rate is falling as I wait. Imma cry!4
-
how i declare Coding session of the day to be over : when i see an error about an error that is not an error... :D
(hint: fatal: validation failed but when asked if it passed, returns true... ) -
Decided to get myself a new phone as the 2013 model is getting morally obsolete. I can still flash Lineage/Android10 and it will run it. But the apps (e.g. Google Maps) nowadays are such a performance hog it can't cope.
So I've searched through gsmarena, prioritizing smaller phones, picked myself a candidate and had it on my desk after few days.
The 2013 mindset still the same "do the backup before touching the phone in any way". How do you do backup? Unlock bootloader, boot/flash TWRP, run backup.
I've realized only after the unlocking and some googling, that the unlock automatically deletes TA partition and stored DRM keys. So advanced licensed features of the phone are gone. Also there is no way to lock the bootloader again, so I've lost the SafetyNet validation too.
tl;dr: I've fucked up my new phone as a first step after I got it.6 -
I'll try to pay back some smaller credit by one large credit...
Hence I need to contact the banks and get one (!) fucking frigging stupid piece of paper which lists the account number and the amount of money I need to pay back.
Sounds simple ...
Well.
One bank just answered my email request by sending me that piece of paper. Except they didn't have any validation of my identity.
Yes. They answered the request of 'I want to pay back the credit in full, can u send me the necessary documents?' (more formal of course) with confidential data without any more credibility than my email address.
YAY.
Another bank requests a telephone call for identity validation and sending back a signed form via postal service...
Another bank just needs a PDF sent via mail with an electric signature (yeah. They were aware of what that means - I was shocked and confused) or a "qualified signature matching previous documents" (translated from German).
The last one offers a WhatsApp number - send a GIF / JPG or video and we answer directly.
I need to reach a higher state than drunk.
It's not funny to know how confidential data gets mistreated by companies who should have the highest security.4 -
Must be great to be a giant fucking dumbass company raking in more than enough money, that you can't add 40-50 more characters on why your API doesn't like our call.
"Here's an API call with 3 different ways to make a call, we will show you an example for only the easiest method, AND if you get the more complex ways wrong, we'll just respond with an error code 422 with the error message "validation failed".
fuck.
you!!!!!!!!
I don't give a fuck about calling them out:
Its Bexio.5 -
Intel, wtf kind of drugs is your stupid site on?
Trying to make an account, the password requirement says "at least one special character".
Ok, no problem.
"Password format is invalid"
Wut? Hmm, maybe it doesn't like that one. Let's try one from their suggested ones.
"Password format is invalid"
WTF? The fuck is your problem?!
*reloads the page, tries again*
"Password format is invalid"
ARE YOU FUCKING RETARDED?
*adds the special at the end of the password instead of the beginning*
It works.
https://youtube.com/watch/...
And then we wonder why bugs like Meltdown and Spectre come up. These guys can't even do fucking password validation properly.
And I've just lost 30 minutes because of this shit.
FUCK! -
!rant. Story from my college abt 6 months old.
We had to make projects for our course.
One team made a very nice project. One part of that was mobile no. verification using OTP.
And the student who was supposed to to that, did it by sending the required otp to the frontend page, and when user enters it, validate it using javascript.
The prof got mad about it and the rest of the class couldn't stop laughing.
Just remembered. Thought it would be worth sharing. -
Stakeholder: We have users who are putting like “John and Mary” on their membership’s first name field. Can we restrict that field so they can’t do that?
Me: But what if that user does identify as “John and Mary”?
Besides, what’s to stop any user from taking out the “and” and making it “John Mary” so they can get around input validation for words like “and”?9 -
When in an application security talk put on by our cyber security department and one team (not mine) is being chastised for only doing client side validation, another dev asks so at what point can we trust the user? A few people nod and indicate they want an answer, and the speaker, said never, you never trust the user.
I can't believe people can graduate and get a job and keep a development job, especially in a highly government regulated company like where I work2 -
Today I implemented a system for storing all errors in a global store in Vue. That means field validation errors, API errors and potential generic errors. It works really well, and displaying an error is as simple as referencing it's source, if any. Flexibility at its finest.
-
I had joined a new company and got access to their codebase. They were updating password on MD5 hash of user name and their email in get request. No password validation, no token based authentication, nothing.
Eg
...com/change_password/email=(plainemail)&name= MD5(name)
That's it, you get change user password. -
When you register to dev rant and write your first rant, only to realise you didn't validate your mail address, and this validation throws you back to the front page, losing your changes3
-
Company sends email notifying us we'd need to register for two factor authentication because it would be mandatory for all access to email within a week. However, it had to get manager approval and had a side effect of giving us access to work from home (which my manager hates). So, we send the request to him, explain the situation, he denies it and says "that can't be right! Let's do this: if you do in fact lose access to email, then I'll approve it". Well, we did lose it, and just spent two days without any access to email and it was a huge pain to get the registration process done because one of its steps involved getting a validation code from the email.1
-
When you realize your professor who programs since the 486 era names all variables as such ad "vd_gr" (Validation date grant renewal), doesn't know what encapsulation is and writes his own cryptography algs, which basically replace one letter by another
**Facepalm
**then I still I have to tolerate all the critics for why I dropped college5 -
Am I the only one here that needs more time to create user friendly and Idiot-save error Messages than writing the whole validation of stuff?5
-
What makes free ssl "Unsuitable for e-commerce websites", Please read to end to see my view point.
From Namecheap:
Free Certificates are domain validation only which means they don't certify the identity of the website owner, they simply ensure a secure connection. Customers can't be sure of the integrity and trustworthiness of the website owner. If you need to secure credit card and personal information on e-commerce websites, free certificates aren't the answer. It's important your customers trust your business is safe enough to hand over these details. To gain this trust, you need a certification of your authenticity, which you can only get with a (paid) Business Validation or Extended Validation SSL Certificates.
https://namecheap.com/security/...
* "To gain this trust, you need a certification of your authenticity"
~ But isn't that just Domain Verification and other Extras, What justifies somebody or business's authenticity? Tax Id, Valid Address, Nobody is going to study the ssl cert to make sure that amazon.com is a valid business and has a tax Id.
* "domain validation only which means they don't certify the identity of the website owner,"
~ Wouldn't this just be the domain validation test that is required when using services like LetsEncrypt using Certbot etc, or are we referencing back to this idea that they look for a Valid Tax Id sort of thing?
* "If you need to secure credit card and personal information on e-commerce websites, free certificates aren't the answer"
~ Why is the paid version going to do double encryption, is the CA going to run a monitoring tool to scan for intrusions like a IDS or IPS? (disregard the use of DNS Validation being in the picture)
Am I missing something, this just seems like well crafted text to get people to buy a cert, I could understand if the encryption was handled differently, Maybe if they checked the site for HSTS or HTTPs Redirect or even, They blocked wildcard SSL before and now with the paid its included, but overall it doesn't sound like anything special. Now I'm not just picking on namecheap because domain.com does the same.14 -
I am done with .NET and it's bullshit error messages.
"Validation error happened! Please see Entity.Validation.Properties to see what the error is, then consult an oracle, who'll summon a demon who'll answer only three questions . . ."
FUCK OFF and just give me the error. I swear to god exceptions in NET always lead to some stupid fucking scavenger hunt rather than just letting me know what the fuck went wrong. This isn't the first time I've encountered this either, where it tells me there's an error and there's a mountain with a shaman at the top who'll provide me with the details if I can just hire a sherpa who'll help me climb it.3 -
Project with partner company, during the meeting I asked them how can we secure the communication between two services. I suggested api keys, tokens. They were like nope, no need. But I asked them for their IPs to do whitelisting on our side in Nginx.
But their side, nah not even whitelisting, no tokens, no validations. If one has address, can send anything from anywhere.
How hard would it be to do at least, AT LEAST simple token validation. And they are using the very old IIS server. I think for them as long as data flows in as expected, it is fine.3 -
Mfw on azure/iot conference, one presenter shows his certificate validation, to connect to all devices in his house:
return true;
He said:
"lets not be paranoid about security" -
Well at least he added the time....
My Drafts section is looking pretty nice now huh? :)
@dfox is the # of hours between posts now dynamic as well?
And perhaps its time to think about getting outside funding and help. Seems growth is now exponential? and I'm kind of feeling this is like the Facebook/Twitter for Developers.... but prolly not sustainable with just 2 devs who are also footing the bill.
In startup speak I guess validation is over and you have won!2 -
The joy when tools do not have machine parseable output.
I'm looking at you SBT. My favorite pile of poo.
Remove the logging level from each line, then trim the line, then stab around inside the line with regexes, fishing for a possible match which hopefully is right...
Then stripping scala information like the object type, cause yeah...
A line can be for example "[info] Vector(File(...),File(...))" where info is the log level, Vector the wrapping sequence type, File(...) the wrapping element type and the string inside File(...) what yours truly needs.
As this is lot of shitty shabby string stabby stabby, we need to add a fuckton of boiler plate validation cause who knows what we just murdered.
To make it even more fucked up, a multi project project can produce different output for the same key.
:-)
Yeah. So we need to fix that too.
By the way, one can set log output to unbuffered in SBT.
Then the output is in random order :-)
Isn't that fun? Come on, you wanna poke that pile of shit, too.
The SBT plugin way is by the way no alternative, as I need a full Java environment for execution.
Which brings me to the last point:
For fucks sake, writing CLI applications in Java is so much bloody boilerplate code.
There's ugly and then there's the "please kill me" kind of level.
50 lines just to write a basic validation of argc / argv with commons cli.
That's 6 lines in python. Not kidding. :(
I currently hate everything.
Moments where the job sucks: When you have to hotwire two electric cables with high currency by giving both cables the blowjob of your life.3 -
If you use exceptions for your data validation, I hate you. I hate you so much, in fact, that I will become famous. Then I can say to you that a famous person hates you. I will become president and the first executive order I sign will be to make the official policy of the United States that I hate you. I will invent a time machine so that I can go back in time and on every one of your birthdays, past present, and future, look you in the eyes and tell you I hate you. Then I will travel to your death bed and in your final breath I will tell you I hate you. I will change the timeline so that you will celebrate Christmas and believe in Santa and then tell your four year old self that Santa isn't real. I hope your kids never learn how to read, and if they already know how to read I hope they forget how to read and never learn how to read. I hope all of your friends become vegan, atheist, flat earth, crossfitters and insist on regailing you with their life style on your every meeting.
I guess what I'm saying is that I'm having a bad day.3 -
What the hell is wrong with the browser on iOS....
For Christ sakes almost no input attributes work. I have a Sign Up feature that validates passwords with a pattern attribute; doesn't work, required attribute; doesn't work, input type number; doesn't work.
What the fuck is wrong with this thing. Even Internet Explorer knows what those attributes means. Absolute joke now i need to implement it manually. Fuck off apple.11 -
I had the idea that part of the problem of NN and ML research is we all use the same standard loss and nonlinear functions. In theory most NN architectures are universal aproximators. But theres a big gap between symbolic and numeric computation.
But some of our bigger leaps in improvement weren't just from new architectures, but entire new approaches to how data is transformed, and how we calculate loss, for example KL divergence.
And it occured to me all we really need is training/test/validation data and with the right approach we can let the system discover the architecture (been done before), but also the nonlinear and loss functions itself, and see what pops out the other side as a result.
If a network can instrument its own code as it were, maybe it'd find new and useful nonlinear functions and losses. Networks wouldn't just specificy a conv layer here, or a maxpool there, but derive implementations of these all on their own.
More importantly with a little pruning, we could even use successful examples for bootstrapping smaller more efficient algorithms, all within the graph itself, and use genetic algorithms to mix and match nodes at training time to discover what works or doesn't, or do training, testing, and validation in batches, to anneal a network in the correct direction.
By generating variations of successful nodes and graphs, and using substitution, we can use comparison to minimize error (for some measure of error over accuracy and precision), and select the best graph variations, without strictly having to do much point mutation within any given node, minimizing deleterious effects, sort of like how gene expression leads to unexpected but fitness-improving results for an entire organism, while point-mutations typically cause disease.
It might seem like this wouldn't work out the gate, just on the basis of intuition, but I think the benefit of working through node substitutions or entire subgraph substitution, is that we can check test/validation loss before training is even complete.
If we train a network to specify a known loss, we can even have that evaluate the networks themselves, and run variations on our network loss node to find better losses during training time, and at some point let nodes refer to these same loss calculation graphs, within themselves, switching between them dynamically..via variation and substitution.
I could even invision probabilistic lists of jump addresses, or mappings of value ranges to jump addresses, or having await() style opcodes on some nodes that upon being encountered, queue-up ticks from upstream nodes whose calculations the await()ed node relies on, to do things like emergent convolution.
I've written all the classes and started on the interpreter itself, just a few things that need fleshed out now.
Heres my shitty little partial sketch of the opcodes and ideas.
https://pastebin.com/5yDTaApS
I think I'll teach it to do convolution, color recognition, maybe try mnist, or teach it step by step how to do sequence masking and prediction, dunno yet.6 -
Ranting...
So they called me for a phone interview, I made a good impression, the job desc. states that it's a full stack Java/J2EE Developer, after all they hired me.
Now I found myself doing validation (Implementing a VTP for functional testing) using UFT and VBS for an eclipse RCP application made in 2007, in my previous job I was a TL for a Spring/angular application with five other developers building a LIMS from scratch, I feel a bit disappointed, although the salary is pretty good and there is no stress at all.
Any comment is welcomed.10 -
The website load time is so fucking slow!!
FIX IT!!
And i saw the images they uploaded was a jupiter-sized images.
It's the devs fault for not making validation.
But me, as a designer must help them resize those fucking already uploaded images to be web-friendly. -
How we devs hate getting humiliated on stack overflow when we don't get the answer and someone make us feel stupid for even posting the question.
How we also secretly wish for that validation and feel proud when there are more likes on our questions.
No? Just me? Ok cool 👍5 -
Using Oracle ADF along with ADF Faces to build a simple learning management system. No JavaScript, no external stylesheets, all inline styles, no client side validation, doing form submit for every field's onblur event triggering a server-side validation, creating a VO for every damn page requiring data, creating an EO for every DB table or view, adding big-ass custom queries for most EOs to join on multiple tables, frequent N+1 queries, etc.,
Idont remember the rest of the problems5 -
Today I‘ve been investigating a freeze in our app. It took me many hours to narrow it down to the textfield validation regex. And it turned out to be a "catastrophic backtracking" issue.
I‘m a regex noob so I don‘t have a clue how it occurs exactly. But I‘m a bit perplexed about what a seemingly innocent regex can cause.
For me it became another argument against regex now.
I‘ve rewritten the regex into readable code and the freeze is gone.
I could try to fix the regex but… nah. The code is better anyway.7 -
Not posting as often lately because my childhood dream — a Nintendo DSi — finally arrived, in time for my birthday. More of a gift to that teenage boy who’s dead now than to his older trans female counterpart, but still.
Been playing Pokémon HeartGold, enjoying my life, all due to things improving at work & medication cumulative effect kicking in. Finally.
Without burning internal pain, a poet ceases to be a poet. I rarely write now. I still have wild dreams, and I write down snippets for them not to be lost when I’m properly awake, but I just… don’t have that strong of an urge to share them here. Maybe I’m not as dependent on someone else’s validation anymore.
I’m planning to team up with someone who can draw, so we can make zines, as suggested by you. If you can draw — let’s talk!2 -
Amount of text you need to read to do something the framework way.
At the end it turns out you can’t do it cause nobody thought about it and it’s just another piece of crap for doing simple things. You start digging inside framework code and see that something is wrong. You see copyright Google and you wonder if they have phd for selling their ass on street. Why the fuck you override the validation flag to true every time ?
Then you start invoking couple of methods and one of them works and stops that madness but you don’t know why but you proceed further so you can glue shits together to stop the ship sinking.
At the end after you’ve tried all the “simple” examples that works cause they’re stupid and you need something special you start to think if this framework is so unique and special cause it covers 90% of things, left you with hands full of crap ?
At the end after wasting whole day to change the border color of the input using couple of separate controls the framework way and when you succeeded you ask yourself really ?
One fucking event emit and couple of listeners with style change ? Damn you frameworks with your bidirectional easy fast doing shit.
Another day in paradise.6 -
The scope for this project was absolute horse shit, and now they are mad because the end product is still horse shit...
I want to feel guilty for the outcome, but I just can't. This is something they should have had foresight for. Validation and testing is absolutely atrocious here. No official real scenario testing, and now the whole thing has been blown wide open for all the shit it can't do. -
Started doing deep learning.
Me: I guess the training will take 3 days to get about 60% accuracy
Electricity: I dont think so! *Power cut every day lately
My dataset: I dont think so! *Running training only achieve 30% of learning accuracy and 19% of validation accuracy
Project submission: next week
😑😑😑2 -
Dear Prestashop developers, f**k YOU!
I already hate this shitfuck what you call the best open source e-commerce solution, but your module validation technique sucks.
They use tons of useless rules, but the last addition was the last drop: they force you to use the old (and long) array declaration.
So now I have 500 new errors in this fucking module.
Why the fuck do you want me to force an old syntax?3 -
tfw you have matured enough as a developer to look at old legacy code (some of which you contributed to) from a hacked together UI Frankenstein kludge and immediately you notice all the security flaws.
How fortunate there is strong query param validation going on...otherwise this would be a veritable shit storm. -
*Writing JS validation*
step1: testing for the 1st time
Chrome: all good
Firefox: with bug
IE: ugh... it's hard to explain
step2: fixing script
Chrome: all good
Firefox: all good
IE: with bug
step3: fixing script for IE
Chrome: with bug
Firefox: with bug
IE: with bug
step4: revert to step 2
Sorry, IE, but I don't know what you disliked there... -
Well I was in school for web development I chose to take the elective course intro to web as an easy online class. And almost failed an assignment for using css3 for rounded corners and shadowing all because it did not pass validation because it was not standard yet. Shows how little that teacher knew about the industry...... Face palm
-
When i was in a student project, a guy wrote the whole e-mail validation in js from scratch,using only the key down event. We all wers like: "Wtf dude, yu no Google? "
-
Currently working on my own Express App with CSurf for csrf validation.
Works great but one problem...
HOW THE FUCK SHOULD A POST REQUEST COMING FROM JAVA GET THE FUCKING TOKEN.
Should I made my RESTApi without csrf protection?
I am crying right now...17 -
Working for a large client converting paper forms to the web. Stated goals, simplify data entry for clients, improve data quality, reduce resourcing in backend human processing.
We met to review prototype and discuss workflow questions. Crazy deadlines, with the usual changing scope creep.
We start to point out the need for data validation, to shorten # of questions based on answers.
Business says no. All forms should be submittable regardless of what user enters, don’t put validations in because all that warning messaging confuses them and takes up more time.
Web form should behave like the paper copy....
Welcome to 1975!!! This is why 2018 won’t be like 2018...1 -
Work wants me to scroll to invalid fields after validation on a form. Is there actually a use case for that? Because it sounds terrible.21
-
"I would say my biggest pet peeve related to the industry would be people focusing on technology instead of design, standards instead of users, and validation rather than innovation. Web standards and best practices are noble goals, but all too often in our community people forget they are a means to an end, not the end itself." - Jeff Croft
-
On support this week. Had to work until 7pm because of a bunch of pending tasks from last weeks support pair, had to wake up at 2am to restage our apps in our cloud env, and then wake up at 6am again to do deployments and validation only to have management breathe down my neck as to why my deliverables aren’t done yet.
It’s only been day 1.6 -
Random opinion question:
I'm working on a thing where the user provides a big CSV and we process it and put it in the database, or update existing records.
This data impacts other things, but the data isn't front and center as a group of n the application for them to notice / see again (well they can query for it).
I'm thinking of taking the CSV and then presenting them with a table showing how we processed that data giving them a chance to review it before they commit it to the database...
I like this idea for two reasons:
1. If something goes sideways there's a chance someone will see it and I'm not sure I can do enough validation on a big ass CSV from god knows where to be sure we're going to process it right... (I'm going to do some validation but just can't cover it all)
2. It takes some of the mystery out of what happened / is happening for the user for.
Anyone try this in the past? Seems reasonable, but lots of things do before they go sideways.7 -
My employer has an application for product ordering/maintenance. Sounds pretty normal. It's an Excel spreadsheet that uses VBA to do the work, with a ton of SQL functions for row validation and procedures for database functions.
The guy that wrote it was a contractor who left the company well over 5 years ago.
No one on my team knows VBA. Me being the new guy gets tasked with this shitty VBA application's upkeep. Any time one of the braindead users fat fingers a value and the form blows up, I'm responsible for telling them exactly why they are stupid and sometimes I have to fix it for them because of the protections on the spreadsheet.
I've been asking the business to back a project for my team to develop a replacement but there is already so much happening for IT at my workplace, and my team is so under staffed (3 devs? Really?) That we spend most of our time fixing broken old shit.
We get an intern next month. Hopefully things improve soon because this tucking time bomb application sucks for everyone involved.3 -
So this is kinda hard to talk about but.. I finally got to a point in my career where I don't have a boss, work remote, make my own schedule etc.. problem is .. I am very low on productivity I feel like I'm working maybe 1/10th of my capacity and although Yea this may sound dream-like .. it gets old and I'm realizing that I used to excel at my last job for my boss.. I wanted to please him in every way for validation and acceptance..
Yea that's dysfunctional as fuck .. so basically how the hell do i use my own mind to drive my excellence? I'm so lost and don't really know how to find the motivation that people pleasing once brought me..
For some context as well, I have also done a lot of psychedelics over the past couple years and it has basically destroyed my ego .. "but that's a good thing" you say?
Well yes and no, I used to rely on my ego to drive me on my own in lieu of wanting acceptance and validation from my boss. So that was a bit unexpected, getting rid of my ego got rid of my dysfunctional drives to prove myself to others and seek acceptance..
Gahh I'm ranting :'D
TL;DR: how do you motivate yourself if you've traditionally found motivation through pleasing others???4 -
There have been a few :)
If say it's a videos utter project I initially though was good. Apart from loading a view the controllers didn't do anything - my initial thought was some magic was happening behind the scenes.
However, when I opened up the view things changed.
ALL the business logic happened in the view. Everything. Form processing, consuming an app, file uploads, validation, crud ... You name it, it happened in view. The developer created a raw MySQL connection and build his queries by concatenation g strings, the whole system was wide open to sql injection.
Even more annoying was the "source control" he invented. Every file had several copies. I.e. "User(working).php", "user_v3.php" and even "user(working_no_profile_fields_1.php". It wasn't even like there was any consistency in what file was actually used either. A complete mess. The system had around 69 screens too. No idea how the developer got that gig.2 -
Let me rant! I don’t usually do this but this is just frustrating and draining. Please tell me if im wrong. We have authentication that needs to be refactored. I was assigned on this issue. Im a junior btw. I also attached an image of my proposals. The issue of the old way of our signup process is that when validation fails they will keep on accepting the TaC (terms and conditions) and on our create method we have the validation and creating the user. Basically if User.create(user_params) create else throw invalid end. (Imma take a photo later and show it you)which needs to be refactored. So I created a proposal 1. On my first proposal I could create a middleware to check if the body is correct or valid if its valid show the TaCs and if they accept thats the moment the user is created. There is also additional delete user because DoE told me that we dont need middlewares we have before and after hooks! (I wanted to puke here clearly he doesn’t understand the request and response cycle and separation of concerns) anyway, so if middleware is not accepted then i have to delete the user if they dont accept the TaCs. Proposal 2. If they dont want me to touch the create method i could just show the TaCs and if they dont accept then redirect if they do then show form and do the sign process.
This whats weird (weird because he has a lot of experience and has master or phd) he proposes to create a method called validate (this method is in the same controller as the create, i think hes thinking about hooks) call it first and if it fails then response with error and dont save user, heres the a weird part again he wants me to manually check on each entity. Like User.find_by_email(bs@g.com) something like that and on my mind wtf. Isnt it the same as User.create(user_params) because this will return false if paras are invalid?? (I might be wrong here)
This is not the first time though He proposes solutions that are complex, inefficient, unmaintainable. And i think he doesnt understand ruby on rails or webdev in particular. This the first time i complained or I never complained because im thinking im just a junior and he hs more experience and has a higher degree. This is mot the case here though. I guess not all person who has a higher degree are right. To all self thought and bachelors im telling you not all people who went to prestige university and has a higher degree are correct and right all the time. Anyway ill continue later and do what he says. Let me know if im wrong please. Thanks4 -
Finished a validation library and knowing the common excuse for not using code already written (devs come down with 'not invented here' syndrome) is "I would have used it, if there was documentation". Spent this week documenting each class/method, diagrams, scenario based code examples, sent to my boss for review ...
Boss: "Wow...this is fantastic. All our libraries should have this level of documentation. You even updated the project's Nuget package to include a link to the documentation. Devs won't have an excuse now. I'll clear your plate for the rest of the year so you can get started."
What the hell did I just do to myself? FML.1 -
@dfox @trogus
Is there a way to hide ++ and notifs from the UI itself
I am thinking about the current UI, seems like it is designed to “catch-up”.
A more refreshing design would be where i get to hide all the ++ and notifs from the UI itself.
That way App engagement is solely based on my realistic interest rather than an need for external validation8 -
Project Zero team found that a specially crafted URL could make the Git client into sending credential information of an alternative host to an attacker's host. In this case, the specially crafted URL needs to contain a newline character to trick the credential handling (performs url decoding on most possible url components, no additional validation) and sending the data off to an alternate host.
Updated Now : Credential protocol code is now forbidding newline characters in any values.
More : https://lore.kernel.org/lkml/...1 -
Business managers not taking ownership for quality of data. If systems are not designed with proper data validation controls at each upstream data entry point them downstream processes and revenue will suffer. You will have a continuous data cleanup black hole.2
-
They keep training bigger language models (GPT et al). All the resear4chers appear to be doing this as a first step, and then running self-learning. The way they do this is train a smaller network, using the bigger network as a teacher. Another way of doing this is dropping some parameters and nodes and testing the performance of the network to see if the smaller version performs roughly the same, on the theory that there are some initialization and configurations that start out, just by happenstance, to be efficient (like finding a "winning lottery ticket").
My question is why aren't they running these two procedures *during* training and validation?
If [x] is a good initialization or larger network and [y] is a smaller network, then
after each training and validation, we run it against a potential [y]. If the result is acceptable and [y] is a good substitute, y becomes x, and we repeat the entire procedure.
The idea is not to look to optimize mere training and validation loss, but to bootstrap a sort of meta-loss that exists across the whole span of training, amortizing the loss function.
Anyone seen this in the wild yet?5 -
I wanted some ideas on how to word an error message better, so I googled "error message best practices".
80% of the results were about form validation and not actual code breaking errors >:(
On the up-side, I now know that I must not say "No, Bad User!"3 -
Actual validation message. I will omit the culprit to not shame them:
Your password must be at least eight (8) characters long and contain at least one letter,
one digit and three (3) special characters. No combination of any of the previously mentioned
requirements may be in a repeat success of one (1) or more. Special characters must be
separated by at least two (2) non-special characters, not including numbers. You may not
use more more than one (1) upper-cased and one (1) lower-cased letters in order together. You
may not begin or end your password with an uppercase letter or special character. You may use
no more than eight (8) special characters in your password.
If you need any assistance with this process, please send a message to our support staff.
Message: PASSWD-NG
Your IP Address: 50.202.37.1335 -
So 3 devs spent all of yesterday investigating a bug. Tracked it down to field validation handled by a 3rd party product. We decide the easiest fix is to remove that validation and implement it ourselves (its a really odd bug and a terrible product). Then today the tech lead comes along and says "there could be another way, hang on while i download the latest Xcode and waste half the day fighting with it when you could be fixing it". I dunno why we bother doing the work in the first place. Clearly we should just leave it to him to save the day.1
-
Spot a mistake in the code.. Should i:
1. live with it and continue to build on top of it.. Do a special validation just for this special case.. Which is a quick solution
2. or rebuild that component.. But have to rewrite the 4 controllers that is using that component.. Which is a long solution
The daily dilemma of taking over someone elses project.. 。・゜・(ノД`)・゜・。4 -
If anyone is really bored, or doesn't have literally anything else to with their life, I just posted my first article :D
https://medium.com/@ksiig/...
If you want, take a look and tell me what you think :)11 -
The more I work on the backend forms validation side of my .NET Core project the more I understand how to fuck up web forms in general... 😈
Never underestimate the necessity of a backend validation other then the frontend one. 👿4 -
Fucking dto hell...
Dear C#/.NET developers or any other developers, do you have a fucking smart approach/technique to handle the fucktons of dto classes throughout your webapi and not having to go to 5 different classes if you change some validation attributes ??
Seriously, that is the only thing I like about JS. It just does not fucking care...
EDIT: This rant came across and just fits perfectly: https://devrant.com/rants/68633813 -
Let's asume I wan't to use software X. I notice software X is open source.
How do I validate that said software doesn't do shady stuff?
Is there some kind of platform which lists the audits of each software or alerts the internet if shady stuff happens?
I know about alternativeTo.net, where you can find software alternatives with licencing filters. (Which is great btw) but I'm missing proper validation of open source software...7 -
Wouldn’t it be great if there was a “Data Structures and Algorithms” certification that provided validation of your skills and was industry-wide accepted so that you don’t need to go through the same leetcode coding interviews at every new job
It’s rare to see a profession where experience means so little during the hiring process10 -
!rant
[Update on previous rant at the bottom]
So I had the technical test last friday. I did not try to implement any automated test as it is not my forte.
I had three hours to showcase my knowledge of data structures and OOP so I did that.
The test was somewhat long actually, so I left out one part that I did not have time to implement: validation of input files.
Today I got feedback, everything went well, they liked my code and I only got two negatives: Error handling and automated tests xD
Now I'm going to the second phase: phone interviews and they are gonna asks the whys of my implementation.
I'll have to explain why I did not implement automated tests and the girl on the phone told me "they didn't like it much that you had no tests because tests are very important for us".
I guess I'll have to come clean and say that I'm not very strong on that but willing to learn, so I didn't want to risk it doing something I'm not really good at.
I hope it ends up well.
prev rant:
https://devrant.com/rants/1607302/...4 -
Today I deeply understood/learned that if anything complex has to be built, tested and maintained by a single person the most important factor to don't go crazy is the concepts of "separation of concern".
Even though it makes the development slower (*) and quite some times boring it gives back in almost absence of uncertainty and because of repetitive patterns also ease on going back to work on a new/old part/feature.
(*) Because of planning and organisation of the code flows and layers flows, but also compartmentalization of actions (a bad example would be the mix of validation code with CRUD code)
How do you experience the separation of concern? (If you have ever had the chance)
Ps: still earning ~1400€/m, am I worth more? 🤔4 -
Itd be cool if we could get something like Schenzen.Io going, but you build the chips from the gates up
Maybe package them into modular units, and connect those at a higher level or abstraction, ad infinitum.
Then add access to virtual LCD output, and other peripherals, or even map output to real hardware, essentially letting you build near bare-metal virtual machines.
Dont know about that last part, but the closest I've seen to the rest is circuit simulator and again, schenzen.
On the machine learning front I figured out I need about ten times as many training samples as validation samples, or vice versa. I'll have to check my notes. Explains why I could get training loss below 2.11
Also, I'm looking at grouping digits, and trying different representations. I'm looking at the hidden variables for primorials to see what that reveals. And I realized because of the amount of configurations and training that I want to do, even a personally built cloud isnt going to be sufficient. I'm gonna have to rent someone else's hardware and run it "in duh cloud."
Any good providers that are ridiculously upfront for beginners to get started with? Namely something cheapish.3 -
"A day in the life of a mobile app developer"
No back-end validation or back-end string sanitisation.
All in the front-end. -
>selects function to see output in console on chrome
>oh yes obj1 very good
>selects another function that does minor validation (return obj if it exists)
>ok alright
>what was that property from obj1 again?
>selects same function, breakpoint didnt move an inch
>obj2
>whatthefuck.jpg -
I've been writing on this TCP server the last few days to integrate our software with some services used by the rest of the company.
Noticed the company service keeps making a new connection for every single message, and closes this at client side (without signifying the server).
So I contact the team who wrote these services and ask them what's happening. Team lead of that team doubts that I know what I'm talking about and tells me TCP automagically signals the server on disconnect, and this probably is a .Net only problem.
5 seconds of googlefu: half open tcp connection.
Apparently, the application doesn't care about dropped connections and losing connection states even though every service should be checked for licensing when connecting to the server. With this set-up everyone can just send a message other than the registration and pass through any 'validation' due to the fact there can be no connection state.
F*CKING INEPT IDIOT(S) OF TEAM LEAD/DEVELOPER TEAM! -
My work network AD password has to be changed every 90 days or so and it is really getting to me now. I'm beginning to run out of passwords to use and may soon have to resort to writing them down on a piece of paper and lock it somewhere.
I get why we need to change it often. What I don't like is the stupid validation rules AD uses to check passwords. It doesn't allow variations and you have to use something completely new.
I have only been in the job for about 8 months and I have had a nightmare experience updating my password recently as the synchronisation failed and I was locked out of my accounts for a day or 2 rendering my useless and having to call support for help.
How the he'll am I supposed to remember my passwords when I have to change them that often!!!18 -
Okay so I'm pissed. My JavaScript form validation doesnt work so I went tried it on the most simple fucking html form and it fucking works and I dont fuckign know what the problem is since I literally copy and pasted the form from the one that doesnt work10
-
I have always been painfully aware that us developers live in an entirely different world than the IT 'muggles'.
However now I usually browse devRant on my way to work (in the train) and listen to music. I have realised this means my time and attention is now almost exclusively devoted to the developers world. It's interesting to see how easy it is to isolate yourself from people who might behave or think differently.5 -
The CloudWatch API is an awkward piece of shit.
No convenient way to just ask for the latest value of a metric. Gotta supply a time window and hope metrics were actually reported within that window.
Oh and make sure your timestamps are in ISO 8601 or the request will fail (but the SDK does zero validation so a unit test won’t catch it of course).
Oh and you have to assign an arbitrary ID to each metric query in your request even if you don’t care about mapping the results back to the queries. And the regex for the ID is just fussy enough to be mildly irritating.1 -
Was working in an n-tier website, standard Web forms, BAL, DAL, database architecture. Validation and processing of data done in the BAL. Not the best idea, but whatever. Well apparently some developer thought it was too much work to pass his data through the BAL, so he directly accessed the DAL, performing zero validation on the data being passed in. Luckily, this was in a non-critical part of the site but the PM at the time nearly had a heart attack when I told him.
-
EPiServer Forms is probably the worst fucking thing to ever exist in terms of Nuget packages. I would rather shove an entire daikon radish up my asshole than trying to debug the stupid fucking mystery that code is. Wanna tie into the JavaScript events to handle payment validation? Go fuck yourself - u can’t use any external functionality.1
-
I finally got the lstm to a training and validation loss of < 0.05 for predicting the digits of a semiprime's factors.
I used selu activation with lecun normal initialization on a dense decoder, and compiled the model with Adam as the optimizer using mean squared error.
Selu is self-normalizing, meaning it tends to mean 0 and preserves a standard deviation of one, so it eliminates the exploding/vanishing gradient problem. And I can get away with this specifically because selu *only* works on dense layers.
I chose Adam, even though this isn't a spare problem, because Adam excels on noisy problems and non-stationary objectives (definitely this), and because adam typically doesn't require a lot of hyperparameter tuning its ideal here, especially considering because I don't know what the hyperparameters should be to begin with.
I did work out some general guidelines on training quantity vs validation, etc.
The initial set wasn't huge or anything, roughly 110k pairs for training.
It converged pretty quick all things considered, and to the low loss like I mentioned, but even then the system always outputs the same result, regardless of the input, so obviously I'm doing something incorrectly.
The effectiveness of this approach for training and validation makes me question if I haven't got something wildly wrong. Still exploring though and figuring out how to get my answers back out. I'm hoping I just fucked up the output, and not the input as well. -
i am currently tasked with testing various small company ERP softwares.
for the current one i have a full 30 days evaluation copy based on MSSQL Server, i had some problems to integrate the local MS Jet Databse into the server so i call support, all is well and good..except it doesnt work. After a while it turns out, my 15 character password was too long for their software to handle. Furthermore, everytime i try to login i have to enter the password twice, after asking the support why that is they say "so you have additional validation if you entered the correct password"
i tried to explain three times that i know the password, i dont create a password, there is no need for validation, the server (hopefully) will report wether my password was right or wrong. Support guy just says "i think differently, this is a good function"
in a few weeks i will visit them personally for a meeting, i dont know yet if i can stop myself stranggling this buffon2 -
1. Cool side projects
2. Learning new things and revisiting old concepts and tricky findings in my notes
3. Remembering all the times that I absolutely crushed it
4. Helping new developers and engineers who are not that well rounded but really curious about building things. you never look good trying to make someone else look bad so always try to help others. it’s fucking annoying sometimes though.
5. Posting shit on devRant and seeking validation -
Trying to add money to a prepaid SIM card today. Their website is a mess. Plus and minus buttons were not functioning, so my only option was to add 15 euro. Checked the console, no errors. Tried triggering the buttons jQuery, no luck. Found a data value attached to the submit button set to 15. Changed to 10, clicked submit, and BOOM, it worked! You just got engineered!
After I paid, I was curious, went back and set it to -15, and tried it again. Unfortunately, they know about backend validation. -
We're in the last stretch before going Live next week.
A training session was held with some of the future users.
"Why does that dossierID field is mandatory with a lot of validation rules? We don't use that info, we just remember the names."
"Why do we have this feature to manage x info that is linked with one of our services? We only needed a text field for custom values"1 -
In my internship, I was assigned for back-end development. I'm a first years student, so it's enough work for me. But I'm also making documents to be approved by other services (very frenchie) and I'm not allowed to code while these documents are not validated. And now, they are trying to make me do front-end and all the design validation process etc...
I can't see this hierarchy anymore, I'm hating work... -
QA: This email don't pass validation ( $%^&*&^%$@m.c)
Me: Yes, that's right, where is the problem ?
QA: We allow special characters in email field, so it should be valid, fix it.
Me: "Searching some info about top-level domains"
Me: Look, this is why this email is bad.
QA: So this email is valid ?
Me: No.
QA: Why ?
Me: O_O
QA: O_O
(╯°□°)╯︵ ┻━┻3 -
I just used a contact form of a local webshop. I couldnt enter my email address because it contains a +.
I contacted them to tell them about this issue and the response was it is because of security reasons. Since when is following specs a security breach? Unless their system is one leak I don't see how its possible.
Am I wrong or did they either lie or have a leak in their system?2 -
Tried to deploy a release ... pasted the git tag after copying it from a Jenkins build. We’ve done this a thousand times, BAU....
The deployment process tries to `git ls-remote 'git@git-repo.com:org/repo.git' '5.1.0*'` and complains it can’t find the tag in the remote.
Three hours later, 20 grey hairs the richer, I copy the build log into Slack to get some validation from others that I’m not crazy.
`git ls-remote 'git@git-repo.com:org/repo.git' '<200b><200b>5.1.0*'`
Faaaarrrrrrrrrrrrrrrr .... -
My DNS provider does not have an API. They do have one... That is wrong... But on the description page, they say we have to open a ticket to be given access. No requirements. Nothing...
And then I am told "they do no longer offer dns for private hosting". I don't even host with them, I only have a domain with them.
But the magical word is no longer. That means they did offer it. In the description of the API it still says "and for everyone who feels comfortable interacting with a REST API." Oh, and they asked anyone who works on it to be so nice and share any SDK's they might have coded up. Would have shared my SDK. Would have... If no Rust SDK was available yet.
So, what the fuck...
The problem with that is that I need a wildcard certificate for my homelab with DNS validation. So, I need to dynamically set a txt record. Now I wonder... Was this done on purpose? They are selling wild card certificates. Letsencrypt are giving them out for free. I bet they deactivated it, so they can sell more...
Anyway. Solution time.
Short term: I make my own API with black jack and hookers... And selenium.
Long term: I need to fucking move my domains to a different provider.
But what the fuck... What the fuck?7 -
I must have offended Satan or something, but I'm pulling my hairs out over this client data that feels like a fractal of bad validation invented to torment me. Misspelled field names, improperly combined fields, entries in the wrong column, impossible addresses, non-matching staging and production data / keys, invisible freaking characters that ruin automated matching - every dam thing you fix and the next one hits you in the face like a clown stepping on a rake. Jesus.1
-
So our app uses some service to validate users & the validation response is received either by a callback url or by polling. Since their documentation states callbacks are rather unstable and "should not be completely relied upon", we only use polling. Client, however, wants to use the callback url and use polling only "after we are sure that callback has not been received". WTF. When we asked how will we know callback has not been received because it has not been received, we were told to start polling after like 1 hour.
?!?!?!?!?!?! -
Find it funny when the client offers to pay 100Aed for designing a simple sign up form and asks to add 50Aed if validation, email and backend is done..3
-
Why is my test not failing? The actual and the expected json is completely different? What the fuck!?!
It says:
static::assertJson($expected, $actual);
right there.
Oh wait.
Nevermind.
`static::assertJson` only checks for any VALID json string that I always provided in with my own expectation m)
Use `assertJsonStringEqualsJsonString` instead.
What.
Who needs meaningful defaults.
(I would claim that `assertJson` should be defaulft for string equalness, and assertValidJson should be for any Json validation. But you are free to disagree.)4 -
Working on a multi-year college project, going through tests from previous team.
Every test is not working quite right. They're almost all intermittent failures.
The reason? Every single test class extends some test class, which usually extends from some primary test class.
That primary test class opens up their whole UI, and outside of their UI test package, the only thing that gets used is a variable named session (a string), which isn't even specific.
WHY THE FUCK WOULDN'T YOU JUST MAKE THE SESSION NAME STRING A VARIABLE IN THE TEST FILES YOU DUMB FUCKS
THE ARGUMENT VALIDATION TESTS DO NOT NEED TO OPEN THE UI, LET ALONE CREATE THE WHOLE FUCKING DATABASE JUST TO VALIDATE ARGUMENTS, WHICH YOU DO APPLICATION SIDE
(Also they made it so every session has their own tables as opposed to having session IDs. E.g., "person_sessionID1" and "person_sessionID2" exist.) -
I saw this clip the other day, and it made me think of frontend validation vs backend validation.
I firmly believe we developers can be thought of as wizards.
https://youtu.be/razcLU241241 -
The SIM card saga goes on:
To verify yourself, you need to go to some postal office and show them your ID and stuff. Not that this is complicated or anything (well actually, it is. Welcome to 2018 in Germany. We use more papers than potheads for the simplest shit), but you need to have a valid ID. Valid as in NOT EXPIRED. What the fuck. Why does my ID expire. Do I stop existing 3 years after getting it? What does it mean if it is, why is it culpable to have your ID expired. And who gets charged for having none, I mean obviously my ID doesn't identify me anymore?
What the hell man. I don't exist for 6 months now. Am I law free as not identifiable entity or how does it work?
And now the real question:
We got something called Bafög in Germany. Basically you get a bit money while studying. (I still work tho, I don't get really much from it.)
To apply for it, you need some tax number, which seemingly can be seen as a proof of my existence and my identity.
Why is this enough, why don't I need a valid ID there?
Germany is weird man. On the one hand government is all social and you get help if you need it but on the other hand you need to sacrifice 17 virigins to apply for said help..2 -
context: Python Sanic Backend, Bulma Frontend
*this is a direct repost of my rant on my discord*
UGH WHY IS EVERYTHING TOO COMPLICATED FOR NO FUCKING REASON
I JUST NEED AN INTERACTIVE UI WITHOUT EXPLICITLY DOING IT MYSELF WITH TONS OF BOILERPLATE CODE
React - uses JSX
Angular - uses TypeScript
what's next? some weird fucking thing that's not even necessary for basic needs
And why the fuck does react need node.js or some JSX compiler to make things easier?
None of this makes any fucking sense
Why not just declare actual javascript objects and functions and that's fuckin it
I just need regex validation and sometimes, custom validation based on other things
Then when the user changes something a small modal shows up asking to save changes
None of this bullshit
It's deadass simple
I don't need routing
No need for your JSX fuckery
No need for your TypeScript shit
I barely would even fucking use those
REEE
Fuck react, Fuck angular
React would've been the perfect thing for this shit
but NO
they had to make things 100x worse
Fucking bitch
because react has event hooks
I can just listen to the changes
then display the modal and get done with it
All other processing is done in the backend
IT'S THAT SIMPLE REACT
Validation is provided by the backend, Just fucking use regex in the frontend and that's it
IT JUST NEEDS TO DO SIMPLE THINGS
IT DOESN'T TAKE ROCKET SCIENCE TO DO MINIMAL WORK9 -
when windows 10 crashes and your vagrant takes AGES to get up after windows forced reboot on the crash.
Also found a stupid bug in some validation code I have written. SHAME.1 -
Should a validator change his object during validation?
I want to validate the address of a person with Google geolocation api. That needs one request against their api. After then I would need the lat lng in the person object. So I would need to request again. So should the validator update the object directly when it got checked? Or is there a better solution?2 -
So here I am debugging a factory in an algorithm I didn't write in a library I didn't write all so I can jam an exception throw into the code to handle input validation.
I am being forced to use exception handling. To handle input validation.
What is my life? It wasn't supposed to be this way. I was supposed to work with smart people who do smart things. Why? -
I know this is needed for extra quality but god do I hate having to validate everything I do by so many coworkers before actually being able to do something else. It would be fine if I could get another task while waiting for that validation but nooo, I have to wait until they’re done “validating” to actually move on.
It really feels like I’m losing so much time waiting for people...1 -
This morning I found out that the code I wrote to convert json data to a new format in our DB was giving errors and a bunch of questions got saved with the wrong property. It was assumed when it was triaged with my boss that we would only see one key property so the code written by me so the code was aimed at that. Well some questions have multiple keys for no reason. They are mostly floating data that hasn't been wiped clean because the develop who wrote this use json data in psql with no validation or data cleaning. This edge case was also never caught on PR reviews and we got a pretty heavy review process. I'm not being blamed for it. Most of it I think all the devs feel bad we didn't catch this because it affected us greatly. I've been working all morning trying to resolve it with my boss and just now in the evening we stopped. I just feel like I'm not a good dev at all and just want advice on how to deal with situations like this. I'm a new dev and this is my first job I have held for almost a year2
-
Level of fuckity fuck mood.
After changing dozens of build plans in Bamboo, the build system of poo...
How to verify that nothing has gone wrong?
Poking the database, you'll be surprised that Bamboo stores the buildplan definition as XML.
Another surprise: Some of the keys / values have typos.
Yeah. You read that right. There are typos inside the XML...
Now together with Postgres, we can use XPATH and have some fun.
UNNEST(COALESCE(XPATH('/configuration/buildTasks/taskDefinition[userDescription[contains(text(),"Bleep")]]', build_definition.xml_definition_data::xml)::varchar[], ARRAY['']))
Lovely wrapping via coalesce for some null safety.
Now we get da task definitions for fields having user description text containing bleep.
Wrapping it in two REGEXP_REPLACE to strip out stupid identifiers....
REGEXP_REPLACE(REGEXP_REPLACE(...., '<id>\d+</id>', ''), '<oid>\d+</oid>', ''))
Then wrap that in MD5.
Boom. Lots of MD5 sums to help you identify if the configs are identical for a task or not.
Now wrapping that in another select to group by the MD5 and filter out the non identical ones.
I hate it how sometimes one has to seemingly do a full 2 hour dance for something as stupid as validation.
I'm pretty glad though for XML and XPATH.
Cause otherwise that would have been a whole can of worms I don't wanna think about....2 -
"Validation failed for one or more entities. See 'EntityValidationErrors' property for more details."
That really helps in my error log Entity Framework ❤ -
A year ago I built my first todo, not from a tutorial, but using basic libraries and nw.js, and doing basic dom manipulations.
It had drag n drop, icons, and basic saving and loading. And I was satisfied.
Since then I've been working odd jobs.
And today I've decided to stretch out a bit, and build a basic airtable clone, because I think I can.
And also because I hate anything without an offline option.
First thing I realized was I wasn't about to duplicate all the features of a spreadsheet from scratch. I'd need a base to work from.
I spent about an hour looking.
Core features needed would be trivial serialization or saving/loading.
Proper event support for when a cell, row, or column changed, or was selected. Necessary for triggering validation and serialization/saving.
Custom column types.
Embedding html in cells.
Reorderable columns
Optional but nice to have:
Changeable column width and row height.
Drag and drop on rows and columns.
Right click menu support out of the box.
After that hour I had a few I wanted to test.
And started looking at frameworks to support the SPA aspects.
Both mithril and riot have minimal router support. But theres also a ton of other leightweight frameworks and libraries worthy of prototyping in, solid, marko, svelte, etc.
I didn't want to futz with lots of overhead, babeling/gulping/grunting/webpacking or any complex configuration-over-convention.
Didn't care for dom vs shadow dom. Its a prototype not a startup.
And I didn't care to do it the "right way". Learning curve here was antithesis to experimenting. I was trying to get away from plugin, configuration-over-convention, astronaut architecture, monolithic frameworks, the works.
Could I import the library without five dozen dependancies and learning four different tools before getting to hello world?
"But if you know IJK then its quick to get started!", except I don't, so it won't. I didn't want that.
Could I get cheap component-oriented designs?
Was I managing complex state embedded in a monolith that took over the entire layout and conventions of my code, like the world balanced on the back of a turtle?
Did it obscure the dom and state, and the standard way of doing things or *compliment* those?
As for validation, theres a number of vanilla libraries, one of which treats validation similar to unit testing, which seems kinda novel.
For presentation and backend I could do NW.JS, which would remove some of the complications, by putting everything in one script. Or if I wanted to make it a web backend, and avoid writing it in something that ran like a potato strapped to a nuclear rocket (visual studio), I could skip TS and go with python and quart, an async variation of flask.
This has the advantage that using something thats *not* JS, namely python, for interacting with a proper database, and would allow self-hosting or putting it online so people can share data and access in real time with others.
And because I'm horrible, and do things the wrong way for convenience, I could use tailwind.
Because it pisses people off.
How easy (or hard) would it be to recreate a basic functional clone of the core of airtable?
I don't know, but I have feeling I'm going to find out!1 -
It's been 5 days since I'm blocked on a field validation with a framework that I don't understand. I might kill somebody on my way home.4
-
is laravel app really enjoyable to write ?
i started as a laravel dev. the known story , all code in controllers etc. As i started to improve, fortunately i changed company, and worked with a symfony project. A symfony that looked like java. hundreds of classes, tests, yaml injections , objects for requests, for everything.
I thought that i missed the old laravel days, and i took an extra job on laravel again. I was soooo wrong.
It was not only that the code of the previous dev was inferior to what i am now used, it is that i have to be with an open documentation all the time. Even if the project is in the same version that i have used to earlier (an old one).
You have to check all the time the model settings, the migration, the magic tricks of model mass insert, the castings, the validation rules, why the tests are not finding some routes, why this, why that, how it is written this.
Excuse me, but i think the fun and easiness is far from what they say and what i thought it was. I start to change my mind and believe that inserting the request to a simple php object is more controllable than the gandalf tricks that laravel is doing, and you cannot know if it is worth your time to test it . And more importantly, you do not have to look at the cookbook, all the time@@@5 -
Why does rails have validation at the model layer? Isn't that what the table schema/migration is for?4
-
Just received code review from interview technical task. 50 percent of it was because of encapsulation (that 5-8 variables could have been private instead of public). 20 percent was about shit that was expected but missing (error validation, dependency injection). It was missing because it was not specified in app requirements and also noone said that I have to build a production level application for a simple interview here. 10 percent was nitpicking about formatting(I used default intellij formatter) and one ide error that appeared because of project importing. And only 20 percent of feedback was actually constructive and useful. Cool. Also developer said that he was shocked that I made loading animation but didnt call it in my app. However I made it, but if you have fast internet connection it doesnt show up. I mean if you run my app on a phone with gprs connection u will see that damn animation. What Im supposed to do slow down the app so u could see it? But we are building production level app here no? Shit. It feels like he applied double standards to me or something. Half of review nitpicking about useless details and another half about shit that is expected to be in the app but was not even communicated. Also I did not get developers contact so I could ask him what the fck he wanted from me.1
-
The stuff like bootstrap has made the life of developers pretty simple..........that if someone even wants to enable validation would think ........Man I should google it out there would be something in bootstrap.....
-
Fuck you Linux! I thought user password validation would be a piece of cake, like bash one liner. How wrong could I be!
Yeah, it's already ugly to grep hash and salt from /etc/shadow, but I could accept that. But then give me a friggin' tool to generate the hash. And of course the distro I chose has the wrong makepswd, OpenSSL is too old to have the new SHA-512 built in, as it should be a minimal installation I don't want to use perl or python...
And the stupid crypto function that would do me the job is even included in glibc. So it's only one line of C-code to give me all I want, but there is no package that would provide me this dull binary? Instead I will have to compile it myself and then again remove the compiler to keep image small?5 -
Google Search Console insists there is "content wider than screen" on a one-pager I did which works very well on all tested sizes and devices, and scores 90+ on Google PageSpeed Insights.
"Validation failed - see details."
Clicked on "see details", and only saw the 1 URL I already knew, which seems to be working fine for everyone. If Google detetcs an actual issue, it would be really helpful to provide some details, otherwise this kind of false-positive crap only serves to care less about their tools (which is a bit of a shame, as they do provide a lot of value most of the time).2 -
Having to sit through a debate between my lead and boss about how to implement something trivial like front end validation in a non-public facing part of our system. Or worse, working on something as per my lead's instructions only to have my boss tell me its all fucking wrong and to start over.
-
Guys check out IOTA, get a light node wallet and buy some as long as it is still low. It is rising at a rising rate since some hours now.
IOTA is the solution to bitcoins speed and scalability problems. IOTA does not use the blockchain but instead a network called the tangle, which enables decentralized peer-to-peer transactions. There are no miners, no fees and the transaction validation speed depends on how many people are using the currency. One transaction requires your device to validate 2 other transactions through proof of work and therefore the system can never be overloaded by too many transaction requests.
Be warned though, the IOTA foundation is only currently building up the infrastructure, and people are just starting to trade since a few weeks so trasactions still may take a few hours.3 -
Trying to figure out why switching underlying object in data binding does not update.
checking type validation, nothing
checking types in bound events, nothing,
maybe some exceptions it thrown? nothing...
check the "class"... IT'S A FUCKING STRUCT -
Finally got my multi-page dialog with stepper to have validation on every field based on a schema in a way that doesn’t totally mess up styling and that still collects information from fields from both pages to send the Graphql mutation.
So happy I could cry. -
In last 24 hours this platform has given enough validation that my forms have an interiority complex now.
-
Multer is shit.
Do you know how to validate file size + mime type of the file before saving it to the disk?
Here is an instruction:
1. In one place you provide a it a fileFilter function that will validate the mime type, but this function can not validate file size or send user response.
2. In second place provide it a config limits file, that will validate file size, but can not validate mime type
3. In third place you provide middleware to capture any errors caused by previous 2 places and send response back to the user.
4. Go google for what is cb in multer because their shit documentation says nothing about it
Such simple thing as request->validation->response is split into 3 different parts, each of different type: callback, config file and middleware.
Why do so much people use this shit written by a braindead retarded morons?3 -
I recently joined the team that is responsible for the maintenance and development of the ibis adapter framework (http://github.com/ibissource/iaf)
The IAF is an integration framework, with a set of pipes written in java one can compose a service written in xml by building a pipeline with the premade pipes. For data mapping and validation we use xsl and xsd files. The framework can communicate over different protocols such as HTTP(S), JMS, EMS, SMTP, FTP and more.
I will be responsible for the web interface where you can manage/debug/test your application.1 -
So I sent an email to a list of email ids. I got error message that one id does not exist. Does that mean the email didn’t go to just that one address and went to the others? Or the email didn’t do to anyone? I’m talking about gmail.6
-
The freecodecamp beta is so ****ing buggy, all I want to do is brush up on my JavaScript and learn a little ES6 and nothing works and their validation is so terrible that I have to bring my code out and validate it somewhere else to make sure I’m doing it right. This isn’t a beta, it’s an alpha1
-
That moment when you are struggling for hours to get your validation working, and in the end it's just a name that had to be turned into an id -_-
-
At old e-commerce job, some orders were coming through with most of the shipping info missing. The only info filled out was the State. When we looked at Heap, we could see the user was filling in those fields. There was both frontend and backend validation for required form data, so the user shouldn’t have been able to checkout without an address.
When I looked at the BE logic, I saw addresses were retrieved from our database by using a method called GetOrCreateDefaultAddress. When the website couldn’t find the address in the db, it created a new one where the only address field that was filled in was the state.
Unfortunately, this default address creation was happening after the submit button had been hit. There was no logic to validate the address this late in the checkout because the earlier form validation in the process should have caught this.
The orders did have email addresses, so customer service did have a way to contact the customer. I have no idea what happened to the user’s address. Was it never saved? Did it get caught up in a cron job to delete old users and addresses from the db??1 -
I'm thinking of making a email validation api that can check if an email address is temporary disposable email, tld domain, from a free email provider, mx detals, delivery availability etc.
Is this even a good API idea?6 -
js = pia I wish you could manually trigger validation of a field using Parsleyjs ...always looking for a clean workaround
-
Ranting doesn't help if the you didn't verified the email. Really devRant, all my ranting I did previous about the customer is gone. _-_2
-
I just got myself working with the worst developers I could ever know, they don't know nothing about dry, kiss principles... They built an entire platform using Zend framework but they don't used mvc layers right and there is no backend validation most of the time, besides many other true newbie developer problems. I just came to this job and from and Rb/Python background and I can't live with this piece of code. They have 20+ years in the market while I'm just a guy with 5 or 6 years. What should I do if I can't convince the startup owners they are bad as hell waste of money?1
-
I am making a WYSIWYG text editor for my next Product. Is there anything that I should include and is currently lacking in text Editors of Medium, Hackernoon etc.
-
Has anyone done client side validation of subscriptions in Android? Or atleast just figure if it's expired or not?
I've spent my whole day trying to do this without a server and no, Google only has API for servers.
SO working answers are like 3-5 years old after which the API were changed. New answers simply ignore the part 'client side'1 -
Tried to set "Executor count" of a Jenkins slave node to "0" in a naive attempt to disable it temporarily.. Jenkins crashed by "Divide by zero".. It is surely a top quality(!!) tool...
-
#Suphle Rant 7: transphporm failure
In this issue, I'll be sharing observations about 3 topics.
First and most significant is that the brilliant SSR templating library I've eyed for so many years, even integrated as Suphle's presentation layer adapter, is virtually not functional. It only works for the trivial use case of outputting the value of a property in the dataset. For instance, when validation fails, preventing execution from reaching the controller, parsing fails without signifying what ordinance was being violated. I trim the stylesheet and it only works when outputting one of the values added by the validation handler. Meaning the missing keys it can't find from controller result is the culprit.
Even when I trimmed everything else for it to pass, the closing `</li>` tag seems to have been abducted.
I mail project owner explaining what I need his library for, no response. Chat one of the maintainers on Twitter, nothing. Since they have no forum, I find their Gitter chatroom, tag them and post my questions. Nothing. The only semblance of a documentation they have is the Github wiki. So, support is practically dead. Project last commit: 2020. It's disappointing that this is how my journey with them ends. There isn't even an alternative that shares the same philosophy. It's so sad to see how everybody is comfortable with PHP templating syntax and back end logic entagled within their markup.
Among all other templating libraries, Blade (which influenced my strong distaste for interspersing markup and PHP), seems to be the most popular. First admission: We're headed back to the Blade trenches, sadly.
2nd Topic: While writing tests yesterday, I had this weird feeling about something being off. I guess that's what code smell is. I was uncomfortable with the excessive amount of mocking wrappers I had to layer upon SUT before I can observe whether the HTML adapter receives expected markup file, when I can simply put a `var_dump` there. There's a black-box test for verifying the output but since the Transphporm headaches were causing it to fail, I tried going white-box. The mocking fixture was such a monstrosity, I imagined Sebastian Bergmann's ghost looking down in abhorrence over how much this Degenerate is perverting and butchering his creation.
I ultimately deleted the test travesty but it gave rise to the question of how properly designed system really is. Or, are certain things beyond testing white box? Are there still gaps in the testing knowledge of a supposed testing connoisseur? 2nd admission.
Lastly, randomly wanted to tweet an idea at Tomas Votruba. Visited his profile, only to see this https://twitter.com/PovilasKorop/.... Apparently, Laravel have implemented yet another feature previously only existing in Suphle (or at the libraries Arkitekt and Deptrac). I laughed mirthlessly as I watch them gain feature-parity under my nose, when Suphle is yet to be launched. I refuse to believe they're actually stalking Suphle3 -
Resolve overlaps in repos downstream from current project. 1 overlap... Get in today, 7 overlaps downstream; including original. This means we can't deploy the code that a developer decided needed to be fixed; it didn't; and we have 1 week before go live and still need UAT validation, oh and QA needs to retest all the components due to the "required fix". What in the actual fuck?!
-
https://symfony.com/doc/3.4/...
Look at how they write docs:
"->atPath('foo')"
how can I fucking know what to pass instead of foo? I cannot make show fucking error message near the field.
Are they writing such doc so that we would spend more time searching how to make show fucking simple error message?
"The atPath() method defines the property which the validation error is associated to. Use any valid PropertyAccess syntax to define that property."
Property on my entity is collection of $values . Tried passing 'values' - no effect.2